Novell Netware Vulnerability
Results 1 to 2 of 2

Thread: Novell Netware Vulnerability

  1. #1
    Senior since the 3 dot era
    Join Date
    Nov 2001
    Posts
    1,542

    Novell Netware Vulnerability

    Title: Novell NetWare HTTP POST Perl Code Execution Vulnerability
    ID: 11158
    Category: Netware
    URL: http://www.securityspace.com/smysecu....html?id=11158
    Summary: Webserver perl handler executes arbitrary POSTs
    Description:
    ** Novell Netware contains multiple default web server installations.*
    ** The Netware Enterprise Web Server (Netscape/IPlanet) has a perl
    ** handler which will run arbitrary code given to in a POST request
    ** version 5.x (through SP4) and 6.x (through SP1) are effected.
    **
    ** Risk factor : High
    **
    ** Solution : Install 5.x SP5 or 6.0 SP2
    **
    ** Additionally, the enterprise manager web interface may be used to
    ** unmap the /perl handler entirely.* If it is not being used, minimizing
    ** this service would be appropriate.

    source: http://www.securityspace.com/smysecu....html?id=11158

  2. #2
    Junior Member
    Join Date
    Dec 2001
    Posts
    13
    You should add those links:

    Novell Technical Information Document 2963307, about the Perl Vulnerability Patch at http://support.novell.com/servlet/tidfinder/2963307

    Novell Security Alert: NOVL-2002-2963307, at http://archives.neohapsis.com/archiv...nerability.txt

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •