Vulnerabilities > CVE-2006-4517 - Resource Management Errors vulnerability in Novell Imanager

047910
CVSS 7.8 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
COMPLETE
network
low complexity
novell
CWE-399

Summary

Novell iManager 2.5 and 2.0.2 allows remote attackers to cause a denial of service (crash) in the Tomcat server via a long TREE parameter in an HTTP POST, which triggers a NULL pointer dereference. This vulnerability is addressed in the following product release: Novell, iManager, 2.6

Vulnerable Configurations

Part Description Count
Application
Novell
5

Common Weakness Enumeration (CWE)