NetWare Remote Manager
Created 4/8/02
Impact
A remote attacker who is able to exploit this buffer
overflow could cause the Remote Manager to crash or
execute arbitrary code on the system.
Background
The NetWare Remote Manager is an SSL-enabled web interface
for managing a NetWare server. It is implemented by the
HTTPSTK.NLM module and listens on port
8009.
The Problem
A buffer overflow condition in the processing of basic
HTTP authentication could allow a remote
attacker to crash the service or execute arbitrary commands.
Novell NetWare 5.1 up through support pack 3, and NetWare
6.0 up through support pack 1 are affected by this
vulnerability.
Resolution
Follow the
patch instructions provided by Novell.
Where can I read more about this?
This vulnerability was posted to Bugtraq.