APP: Novell ZENworks Malformed Content Length

This signature detects attempts to exploit a known vulnerability in Novell Open Enterprise Server Remote Manager (novell-nrm) in Novell SUSE Linux Enterprise Server 9. Attackers can send an HTTP POST request with a negative Content-Length value; a successful attack can cause a heap-based buffer overflow and allow arbitrary code execution.

Extended Description

Novell Remote Manager (novell-nrm) is prone to a remotely exploitable heap overflow vulnerability. This issue may be triggered by a malicious HTTP request header. Successful exploitation will allow for arbitrary code execution in the context of the application. Novell Remote Manager ships with the SuSE Open Enterprise Server only.

Affected Products

Suse open-enterprise-server

Short Name: APP:NOVELL:ZENWORKS-CONTENT-LEN
Severity: Major
Recommended: False
Recommended Action: Drop
Category: APP
Keywords: CVE-2005-3655 Content Length Malformed Novell ZENworks bid:16226
Release Date: 02/22/2006
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version: 3336
Port: TCP/8008
False Positive: Unknown
Vendors

Suse

CVSS Score

7.5
