Vulnerabilities > CVE-2002-1436 - Unspecified vulnerability in Novell Netware 5.1/6.0

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
novell
nessus
exploit available

Summary

The web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to execute arbitrary Perl code via an HTTP POST request.

Vulnerable Configurations

Part Description Count
OS
Novell
4

Exploit-Db

descriptionNovell NetWare 5.1/6.0 HTTP Post Arbitrary Perl Code Execution Vulnerability. CVE-2002-1436. Remote exploit for novell platform
idEDB-ID:21731
last seen2016-02-02
modified2002-08-20
published2002-08-20
reporterDan Elder
sourcehttps://www.exploit-db.com/download/21731/
titleNovell NetWare 5.1/6.0 HTTP Post Arbitrary Perl Code Execution Vulnerability

Nessus

NASL familyNetware
NASL idNETWARE_POST_PERL.NASL
descriptionNovell NetWare contains multiple default web server installations. The NetWare Enterprise Web Server (Netscape/IPlanet) has a perl handler that will run arbitrary code given in a POST request. Versions 5.x (through SP4) and 6.x (through SP1) are affected.
last seen2020-06-01
modified2020-06-02
plugin id11158
published2002-11-21
reporterThis script is Copyright (C) 2002-2018 visigoth
sourcehttps://www.tenable.com/plugins/nessus/11158
titleNovell NetWare Web Handler Multiple Vulnerabilities