|
-
November 22nd, 2002, 06:38 PM
#1
Novell Netware Vulnerability
Title: Novell NetWare HTTP POST Perl Code Execution Vulnerability
ID: 11158
Category: Netware
URL: http://www.securityspace.com/smysecu....html?id=11158
Summary: Webserver perl handler executes arbitrary POSTs
Description:
Novell Netware contains multiple default web server installations.
The Netware Enterprise Web Server (Netscape/IPlanet) has a perl
handler which will run arbitrary code given to in a POST request
version 5.x (through SP4) and 6.x (through SP1) are effected.
Risk factor : High
Solution : Install 5.x SP5 or 6.0 SP2
Additionally, the enterprise manager web interface may be used to
unmap the /perl handler entirely. If it is not being used, minimizing
this service would be appropriate.
source: http://www.securityspace.com/smysecu....html?id=11158
-
November 23rd, 2002, 03:05 AM
#2
Junior Member
You should add those links:
Novell Technical Information Document 2963307, about the Perl Vulnerability Patch at http://support.novell.com/servlet/tidfinder/2963307
Novell Security Alert: NOVL-2002-2963307, at http://archives.neohapsis.com/archiv...nerability.txt
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote