Vulnerabilities > CVE-2004-0331 - Unspecified vulnerability in Dell Openmanage
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN dell
metasploit
Summary
Heap-based buffer overflow in Dell OpenManage Web Server 3.4.0 allows remote attackers to cause a denial of service (crash) via a HTTP POST with a long application variable.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 4 |
Metasploit
description | This module exploits a heap overflow in the Dell OpenManage Web Server (omws32.exe), versions 3.2-3.7.1. The vulnerability exists due to a boundary error within the handling of POST requests, where the application input is set to an overly long file name. This module will crash the web server, however it is likely exploitable under certain conditions. |
id | MSF:AUXILIARY/DOS/HTTP/DELL_OPENMANAGE_POST |
last seen | 2020-05-23 |
modified | 2017-11-08 |
published | 2009-06-23 |
references | |
reporter | Rapid7 |
source | https://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/dos/http/dell_openmanage_post.rb |
title | Dell OpenManage POST Request Heap Overflow (win32) |
References
- http://marc.info/?l=bugtraq&m=107781539829143&w=2
- http://marc.info/?l=bugtraq&m=107781539829143&w=2
- http://sh0dan.org/files/domadv.txt
- http://sh0dan.org/files/domadv.txt
- http://www.securityfocus.com/bid/9750
- http://www.securityfocus.com/bid/9750
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15325
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15325