CVE-2011-4188

Description

Buffer overflow in the Create Attribute function in jclient in Novell iManager 2.7.4 before patch 4 allows remote authenticated users to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted EnteredAttrName parameter, a related issue to CVE-2010-1929.

Affected products

• Novell / imanager2.0 – 2.0
• Novell / imanager2.7.4
• Novell / imanager1.5 – 1.5
• Novell / imanager2.0.2 – 2.0.2
• Novell / imanager2.5 – 2.5
• Novell / imanager2.6.0 – 2.6.0
• Novell / imanager2.7.0 – 2.7.0
• Novell / imanager2.7.3 – 2.7.3
• Novell / imanager2.7.3 – 2.7.3
• Novell / imanager2.7.3 – 2.7.3

References

• MISChttp://www.securitytracker.com/id?1026894
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/74669
• MISChttp://www.novell.com/support/viewContent.do?externalId=7002971
• VENDOR_ADVISORYhttp://secunia.com/advisories/48672