Novell NetWare Web Server CGI2PERL.NLM PERL Handler Remote Overflow

High Nessus Plugin ID 11827

Synopsis

The remote service is vulnerable to a buffer overflow.

Description

The remote web server crashes when it receives a too long URL for the Perl handler.

It might be possible to make it execute arbitrary code through this flaw.

Solution

Upgrade to Netware Web Server Later than version 6.

See Also

http://www.securityfocus.com/archive/1/330120

Plugin Details

Severity: High

ID: 11827

File Name: netware_perl_overflow.nasl

Version: $Revision: 1.22 $

Type: remote

Family: Netware

Published: 2003/09/01

Modified: 2014/05/26

Dependencies: 10107

Risk Information

Risk Factor: High

CVSSv2

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:novell:netware

Required KB Items: Settings/ParanoidReport

Excluded KB Items: www/too_long_url_crash

Exploit Available: false

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 2003/07/23

Reference Information

CVE: CVE-2003-0562

BID: 8251