Heap-based Buffer Overflow in Novell Open Enterprise Server Remote Manager
CVE-2005-3655

Currently unrated

Key Information:

Vendor: Novell
Status: Open Enterprise Server
Vendor: CVE Published:; 31 December 2005

Summary

A heap-based buffer overflow vulnerability exists in the Novell Open Enterprise Server Remote Manager (novell-nrm) for Novell SUSE Linux Enterprise Server 9. This vulnerability can be exploited by remote attackers via crafted HTTP POST requests that include a negative Content-Length parameter, potentially allowing them to execute arbitrary code on the affected system. Organizations using this product should implement appropriate security measures to mitigate this risk.

References

http://www.securityfocus.com/bid/16226

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/24111

vdb-entryx_refsource_XF

http://www.osvdb.org/22455

vdb-entryx_refsource_OSVDB

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Dec 31, 2005
Vulnerability Reserved
Nov 18, 2005