Lucene search

[email protected]CVE-2010-1930

HistoryJun 28, 2010 - 5:30 p.m.

CVE-2010-1930

2010-06-2817:30:01

CWE-189

[email protected]

web.nvd.nist.gov

cve-2010-1930

novell imanager

remote attack

denial of service

daemon crash

nps

servlet

webacc

security vulnerability

6.5 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.03 Low

EPSS

Percentile

91.0%

JSON

Off-by-one error in Novell iManager 2.7, 2.7.3, and 2.7.3 FTF2 allows remote attackers to cause a denial of service (daemon crash) via a long tree parameter in a login request to nps/servlet/webacc.

Affected configurations

NVD

Node

novellimanagerMatch2.7.0

novellimanagerMatch2.7.3

novellimanagerMatch2.7.3ftf2

CPENameOperatorVersion
novell:imanagernovell imanagereq2.7.0
novell:imanagernovell imanagereq2.7.3

CPE	Name	Operator	Version
novell:imanager	novell imanager	eq	2.7.0
novell:imanager	novell imanager	eq	2.7.3

References

secunia.com/advisories/40281

securitytracker.com/id?1024152

www.coresecurity.com/content/novell-imanager-buffer-overflow-off-by-one-vulnerabilities

www.exploit-db.com/exploits/14010

www.osvdb.org/65738

www.securityfocus.com/archive/1/511983/100/0/threaded

www.securityfocus.com/bid/40485

www.vupen.com/english/advisories/2010/1575

exchange.xforce.ibmcloud.com/vulnerabilities/59695

6.5 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.03 Low

EPSS

Percentile

91.0%

JSON

Related for CVE-2010-1930

prion1 cvelist1 nvd1 checkpoint_advisories1 securityvulns2 packetstorm1 seebug1 openvas2 exploitpack1 exploitdb1