 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.11158 |
| Category: | Web Servers |
| Title: | Novell NetWare HTTP POST Perl Code Execution Vulnerability |
| Summary: | Novell Netware contains multiple default web server installations. |
| Description: | Summary: Novell Netware contains multiple default web server installations. Vulnerability Insight: The Netware Enterprise Web Server (Netscape/IPlanet) has a perl handler which will run arbitrary code given to in a POST request version 5.x (through SP4) and 6.x (through SP1) are effected. Solution: Install 5.x SP5 or 6.0 SP2. Additionally, the enterprise manager web interface may be used to unmap the /perl handler entirely. If it is not being used, minimizing this service would be appropriate. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2002-1436 BugTraq ID: 5520 http://www.securityfocus.com/bid/5520 Bugtraq: 20020820 NOVL-2002-2963307 - PERL Handler Vulnerability (Google Search) http://archives.neohapsis.com/archives/bugtraq/2002-08/0202.html http://www.iss.net/security_center/static/9916.php Common Vulnerability Exposure (CVE) ID: CVE-2002-1437 BugTraq ID: 5522 http://www.securityfocus.com/bid/5522 http://www.iss.net/security_center/static/9915.php Common Vulnerability Exposure (CVE) ID: CVE-2002-1438 BugTraq ID: 5521 http://www.securityfocus.com/bid/5521 http://www.iss.net/security_center/static/9917.php |
| Copyright | Copyright (C) 2002 visigoth |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |