Vulnerabilities > CVE-2004-0331 - Heap Overflow vulnerability in Dell OpenManage Web Server POST Request
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
Heap-based buffer overflow in Dell OpenManage Web Server 3.4.0 allows remote attackers to cause a denial of service (crash) via a HTTP POST with a long application variable.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 4 |
Metasploit
description | This module exploits a heap overflow in the Dell OpenManage Web Server (omws32.exe), versions 3.2-3.7.1. The vulnerability exists due to a boundary error within the handling of POST requests, where the application input is set to an overly long file name. This module will crash the web server, however it is likely exploitable under certain conditions. |
id | MSF:AUXILIARY/DOS/HTTP/DELL_OPENMANAGE_POST |
last seen | 2020-05-23 |
modified | 2017-11-08 |
published | 2009-06-23 |
references | |
reporter | Rapid7 |
source | https://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/dos/http/dell_openmanage_post.rb |
title | Dell OpenManage POST Request Heap Overflow (win32) |