Novell NetWare Web Server CGI2PERL.NLM PERL Handler Remote Overflow

high Nessus Plugin ID 11827

Language:

Synopsis

The remote service is vulnerable to a buffer overflow.

Description

The remote web server crashes when it receives a too long URL for the Perl handler.

It might be possible to make it execute arbitrary code through this flaw.

Solution

Upgrade to Netware Web Server Later than version 6.

See Also

https://www.securityfocus.com/archive/1/330120

Plugin Details

Severity: High

ID: 11827

File Name: netware_perl_overflow.nasl

Version: 1.24

Type: remote

Family: Netware

Published: 9/1/2003

Updated: 11/15/2018

Configuration: Enable paranoid mode

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.9

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: E:POC/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:novell:netware

Required KB Items: Settings/ParanoidReport

Excluded KB Items: www/too_long_url_crash

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 7/23/2003

Reference Information

CVE: CVE-2003-0562

BID: 8251