Novell Netware Vulnerability

Title: Novell NetWare HTTP POST Perl Code Execution Vulnerability
ID: 11158
Category: Netware
URL: http://www.securityspace.com/smysecu....html?id=11158
Summary: Webserver perl handler executes arbitrary POSTs
Description:
Novell Netware contains multiple default web server installations.
The Netware Enterprise Web Server (Netscape/IPlanet) has a perl
handler which will run arbitrary code given to in a POST request
version 5.x (through SP4) and 6.x (through SP1) are effected.

Risk factor : High

Solution : Install 5.x SP5 or 6.0 SP2

Additionally, the enterprise manager web interface may be used to
unmap the /perl handler entirely. If it is not being used, minimizing
this service would be appropriate.

source: http://www.securityspace.com/smysecu....html?id=11158

You should add those links:

Novell Technical Information Document 2963307, about the Perl Vulnerability Patch at http://support.novell.com/servlet/tidfinder/2963307

Novell Security Alert: NOVL-2002-2963307, at http://archives.neohapsis.com/archiv...nerability.txt