Results 1 to 2 of 2

Thread: Novell Netware Vulnerability

  1. #1
    Senior since the 3 dot era
    Join Date
    Nov 2001

    Novell Netware Vulnerability

    Title: Novell NetWare HTTP POST Perl Code Execution Vulnerability
    ID: 11158
    Category: Netware
    URL: http://www.securityspace.com/smysecu....html?id=11158
    Summary: Webserver perl handler executes arbitrary POSTs
    Novell Netware contains multiple default web server installations.
    The Netware Enterprise Web Server (Netscape/IPlanet) has a perl
    handler which will run arbitrary code given to in a POST request
    version 5.x (through SP4) and 6.x (through SP1) are effected.

    Risk factor : High

    Solution : Install 5.x SP5 or 6.0 SP2

    Additionally, the enterprise manager web interface may be used to
    unmap the /perl handler entirely. If it is not being used, minimizing
    this service would be appropriate.

    source: http://www.securityspace.com/smysecu....html?id=11158

  2. #2
    Junior Member
    Join Date
    Dec 2001
    You should add those links:

    Novell Technical Information Document 2963307, about the Perl Vulnerability Patch at http://support.novell.com/servlet/tidfinder/2963307

    Novell Security Alert: NOVL-2002-2963307, at http://archives.neohapsis.com/archiv...nerability.txt

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts