A remote overflow exists in OpenManage. The HTTP server fails to validate certain POST requests resulting in a heap overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of confidentiality, integrity, and/or availability.

Currently, there are no known workarounds or upgrades to correct this issue. However, Dell has released a patch to address this vulnerability.

The patch release title is "Systems Management: Dell OpenManage Server Administrator Updates, Patch, Multi OS, English, Multi System, v.A01, SA_Security_Patch_WIN" for the windows release, "SA_Security_Patch_LX" for the Linux release, and "SA_Security_Patch_NW" for the Netware release. The patch was released on 3/2/2004.

• Secunia Advisory ID: 10994
• ISS X-Force ID: 15325
• CVE ID: 2004-0331 (see also: NVD)
• Bugtraq ID: 9750
• Keyword: Dell,OpenManage,Overflow
• Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-02/0650.html
• Other Advisory URL: http://sh0dan.org/files/domadv.txt
• Vendor Specific Solution URL: http://support.dell.com

• wirepair - wirepairsh0dan.org -