This script is Copyright (C) 2006-2013 Tenable Network Security, Inc.
Arbitrary code can be executed on the remote web server.
The remote host is running Novell Remote Manager HTTP service
for SuSE Enterprise or Open Enterprise Server.
The remote version of this software is vulnerable to a heap overflow
attack that may be exploited by sending a negative value for the
Since the 'httpstkd' service runs with the root privileges, an
attacker can leverage this issue to gain full control of the remote
Novell has released a patch for the novell-nrm service :
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.4
Public Exploit Available : false
Family: Web Servers
Nessus Plugin ID: 20747 ()
Bugtraq ID: 16226
CVE ID: CVE-2005-3655
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.