A remote overflow exists in Novell Remote Manager. The product fails to handle HTTP POST requests with a negative Content-Length paramater resulting in a heap overflow. With a specially crafted request, an attacker can cause execution of arbitrary code resulting in a loss of integrity.

Upgrade to novell-nrm version 1.3-8 and novell-nrm-welcome version 3.0-1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

• Security Tracker: 1015487
• Bugtraq ID: 16226
• Secunia Advisory ID: 18484
• SCIP VulDB ID: 1982
• CVE ID: 2005-3655 (see also: NVD)
• ISS X-Force ID: 24111
• Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0471.html
• Vendor Specific Solution URL: http://download.novell.com/Download?buildid=hH7c5pVySqI~
• Vendor Specific Advisory URL: http://lists.suse.com/archive/suse-security-announce/2006-Jan/0002.html
  http://support.novell.com/cgi-bin/search/searchtid.cgi?psdb/1af470a99a736eb966cc0e52fb71ee98.html
• Other Advisory URL: http://www.idefense.com/intelligence/vulnerabilities/display.php?id=371
• Keyword: TID1af470a99a736eb966cc0e52fb71ee98,patch-10763

• Anonymous - iDefense Labs VCP

We currently have no CVSS2 data on this vulnerability. Feel free to suggest it.