CVE-2011-4188 - Vulnerability Details - OpenCVE

Buffer overflow in the Create Attribute function in jclient in Novell iManager 2.7.4 before patch 4 allows remote authenticated users to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted EnteredAttrName parameter, a related issue to CVE-2010-1929.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Novell	Imanager

Configuration 1 [-]

OR	cpe:2.3:a:novell:imanager::::::::
	cpe:2.3:a:novell:imanager:1.5:::::::*
	cpe:2.3:a:novell:imanager:2.0:::::::*
	cpe:2.3:a:novell:imanager:2.0.2:::::::*
	cpe:2.3:a:novell:imanager:2.5:::::::*
	cpe:2.3:a:novell:imanager:2.6.0:::::::*
	cpe:2.3:a:novell:imanager:2.7.0:::::::*
	cpe:2.3:a:novell:imanager:2.7.3:::::::*
	cpe:2.3:a:novell:imanager:2.7.3:ftf4::::::
	cpe:2.3:a:novell:imanager:2.7.3:sp3::::::

No data.

References

Link	Providers
http://secunia.com/advisories/48672
http://www.novell.com/support/viewContent.do?externalId=7002971
http://www.securitytracker.com/id?1026894
https://exchange.xforce.ibmcloud.com/vulnerabilities/74669

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2012-04-09T20:00:00

Updated: 2024-08-07T00:01:51.006Z

Reserved: 2011-10-25T00:00:00

Link: CVE-2011-4188

Vulnrichment

No data.

NVD

Status : Modified

Published: 2012-04-09T20:55:02.070

Modified: 2024-11-21T01:31:59.643

Link: CVE-2011-4188

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-04-04T00:00:00", "descriptions": [{"lang": "en", "value": "Buffer overflow in the Create Attribute function in jclient in Novell iManager 2.7.4 before patch 4 allows remote authenticated users to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted EnteredAttrName parameter, a related issue to CVE-2010-1929."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-12-28T21:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "1026894", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1026894"}, {"name": "imanager-enteredattrname-dos(74669)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74669"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.novell.com/support/viewContent.do?externalId=7002971"}, {"name": "48672", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/48672"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2011-4188", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Buffer overflow in the Create Attribute function in jclient in Novell iManager 2.7.4 before patch 4 allows remote authenticated users to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted EnteredAttrName parameter, a related issue to CVE-2010-1929."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "1026894", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1026894"}, {"name": "imanager-enteredattrname-dos(74669)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74669"}, {"name": "http://www.novell.com/support/viewContent.do?externalId=7002971", "refsource": "CONFIRM", "url": "http://www.novell.com/support/viewContent.do?externalId=7002971"}, {"name": "48672", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/48672"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T00:01:51.006Z"}, "title": "CVE Program Container", "references": [{"name": "1026894", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1026894"}, {"name": "imanager-enteredattrname-dos(74669)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74669"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.novell.com/support/viewContent.do?externalId=7002971"}, {"name": "48672", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/48672"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2011-4188", "datePublished": "2012-04-09T20:00:00", "dateReserved": "2011-10-25T00:00:00", "dateUpdated": "2024-08-07T00:01:51.006Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:novell:imanager:*:*:*:*:*:*:*:*", "matchCriteriaId": "11F17256-DF3E-4C15-A062-44EF83C6B7DE", "versionEndIncluding": "2.7.4", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:imanager:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "166BF638-ABDC-4BB9-BD4E-2B22681AD9CC", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:imanager:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "8FA6420B-9F6A-48F4-A445-12B60A320347", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:imanager:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "83287853-0215-4B83-BF57-D1AEB247FB38", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:imanager:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "52BE3EE2-E5C2-4C82-BA81-1E0B0D7C5F46", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:imanager:2.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "BC7879DA-7878-461B-BCA5-2232C6F9CCD3", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:imanager:2.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "C8E5445B-A87D-44D8-BB24-592FB78ADEC3", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:imanager:2.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "50360B96-A5EB-48BE-A6B5-DE7D3ECA3CFB", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:imanager:2.7.3:ftf4:*:*:*:*:*:*", "matchCriteriaId": "3B39D2B9-2F31-4930-B356-6F315CA34EED", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:imanager:2.7.3:sp3:*:*:*:*:*:*", "matchCriteriaId": "57C73F10-944E-4366-A02D-FC1AE155E073", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Buffer overflow in the Create Attribute function in jclient in Novell iManager 2.7.4 before patch 4 allows remote authenticated users to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted EnteredAttrName parameter, a related issue to CVE-2010-1929."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer en la funci\u00f3n \"Create Attribute\" de JClient en Novell iManager v2.7.4 antes del parche 4 permite a usuarios remotos autenticados provocar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) o posiblemente tener otro impacto no especificado a trav\u00e9s de un par\u00e1metro EnteredAttrName modificado a mano. Se trata de un problema relacionado con CVE-2010-1929."}], "id": "CVE-2011-4188", "lastModified": "2024-11-21T01:31:59.643", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-04-09T20:55:02.070", "references": [{"source": "cve@mitre.org", "url": "http://secunia.com/advisories/48672"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.novell.com/support/viewContent.do?externalId=7002971"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1026894"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74669"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48672"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.novell.com/support/viewContent.do?externalId=7002971"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1026894"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74669"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}