CVE-2005-3655Improper Restriction of Operations within the Bounds of a Memory Buffer in Open Enterprise Server

3 documents3 sources
Severity
7.5HIGHNVD
EPSS
3.7%
top 11.97%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Novell Open Enterprise Server
Timeline
PublishedDec 31
Latest updateMay 1

Description

Heap-based buffer overflow in Novell Open Enterprise Server Remote Manager (novell-nrm) in Novell SUSE Linux Enterprise Server 9 allows remote attackers to execute arbitrary code via an HTTP POST request with a negative Content-Length parameter.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-rg7c-fwxq-w83r: Heap-based buffer overflow in Novell Open Enterprise Server Remote Manager (novell-nrm) in Novell SUSE Linux Enterprise Server 9 allows remote attacke2022-05-01
CVEList
CVE-2005-3655: Heap-based buffer overflow in Novell Open Enterprise Server Remote Manager (novell-nrm) in Novell SUSE Linux Enterprise Server 9 allows remote attacke2006-01-14
CVE-2005-3655 — Open Enterprise Server vulnerability | cvebase