Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple stack-based buffer overflows in the jclient._Java_novell_jclient_JClient_defineClass@20 function in jclient.dll in the Tomcat web server in Novell iManager 2.7, 2.7.3, and 2.7.3 FTF2 allow remote authenticated users to execute arbitrary code via the (1) EnteredClassID or (2) NewClassName parameter to nps/servlet/webacc.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Novell iManager Schema菜单类名称栈溢出漏洞
Vulnerability Description
Novell iManager是美国Novell公司的一款基于WEB的应用程序,可以使用无线设备管理、配置Novell eDirectory对象。 iManager在Schema菜单下提供了一个功能允许创建类,类名称最长为32个字符。这个限制是由客户端在表单字段中将maxlength属性设置为32来强制的,但在服务端没有执行验证来确保用户所定义的类名称没有超过32个字符。已认证的用户可以通过篡改在创建新类时发送类名称的POST请求就可以触发栈溢出,导致覆盖返回地址和SEH,以当前用户(iManager工作
CVSS Information
N/A
Vulnerability Type
N/A