cbcvebase.
CVE-2004-0331
published 2004-11-23

CVE-2004-0331: Heap-based buffer overflow in Dell OpenManage Web Server 3.4.0 allows remote attackers to cause a denial of service (crash) via a HTTP POST with a long…

PriorityP431medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
15.83%
96.5th percentile
Heap-based buffer overflow in Dell OpenManage Web Server 3.4.0 allows remote attackers to cause a denial of service (crash) via a HTTP POST with a long application variable.

Affected

4 ranges
VendorProductVersion rangeFixed in
dellopenmanage
dellopenmanage
dellopenmanage
dellopenmanage

Detection & IOCsextracted from sources · hover to see the quote

processomws32.exe
  • Detect oversized HTTP POST requests targeting Dell OpenManage Web Server; the overflow is triggered by an excessively long application/file name variable in the POST body
  • Monitor for unexpected crashes or termination of the omws32.exe process following inbound HTTP POST requests, which may indicate exploitation attempts
  • ·Affected versions span a wider range (3.2–3.7.1) than the single version cited in the CVE description; ensure detection/patching coverage includes all versions in this range
  • ·The Metasploit module is classified as a DoS auxiliary but notes the vulnerability may be further exploitable beyond a crash under certain conditions
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.