SecurityTracker.com
Category: Application (Web Server/CGI) > Dell OpenManage
Vendors: Dell
(Vendor Issues Fix) Dell OpenManage Server Heap Overflow May Let Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1009313
SecurityTracker URL:  http://securitytracker.com/id/1009313
CVE Reference: CVE-2004-0331
Updated:  Mar 23 2004
Original Entry Date:  Mar 4 2004
Impact:   Denial of service via network, Execution of arbitrary code via network, User access via network
Fix Available: Yes
Vendor Confirmed: Yes
Version(s): 3.2.0 through 3.7.1
Description:   A heap-based buffer overflow vulnerability was reported in Dell OpenManage Server. A remote user may be able to execute arbitrary code on the target system.

wirepair reported that a remote user can send a specially crafted HTTP POST request to the target server on TCP port 1311 (the default port). If the POST request contains a hidden form variable whose value is a long string, the target server will reportedly attempt to open an '.ini' file whose name is derived from the user-supplied string. Because the length of that user-supplied input is not validated before it is used, a remote user can overwrite the heap with arbitrary data, the report said.
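As an added detection example (not part of this advisory, the original report, or Dell's code): a small Python check that flags HTTP POST requests to the default OpenManage port 1311 carrying a form field whose decoded value exceeds a length bound. The port and the "long hidden variable" characteristic come from the report above; the field name, request paths, length threshold and sample requests are constructed assumptions.

```python
from urllib.parse import parse_qsl

OPENMANAGE_PORT = 1311   # default port of the OpenManage web server, per the advisory
MAX_FIELD_LEN = 256      # assumed bound; set it above any legitimate value the form carries

# Constructed sample traffic (not captured data): (destination port, raw HTTP request).
# "hidden_field" and the request paths are placeholders; the real variable name is not
# given in the advisory.
SAMPLE_REQUESTS = [
    (1311, "POST /login HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\n\r\n"
           "user=admin&lang=en"),
    (1311, "POST /login HTTP/1.0\r\nContent-Type: application/x-www-form-urlencoded\r\n\r\n"
           "user=admin&hidden_field=" + "A" * 2000),
    (80,   "POST /search HTTP/1.0\r\n\r\nq=" + "B" * 2000),                  # wrong port
    (1311, "GET /login?hidden_field=" + "A" * 2000 + " HTTP/1.0\r\n\r\n"),   # not a POST
]


def oversized_fields(port, raw_request):
    """Return (field name, decoded value length) for every form field in a POST to the
    OpenManage port whose value exceeds MAX_FIELD_LEN; an empty list otherwise."""
    if port != OPENMANAGE_PORT:
        return []
    # Split headers from body; accept either line-ending convention.
    for boundary in ("\r\n\r\n", "\n\n"):
        head, sep, body = raw_request.partition(boundary)
        if sep:
            break
    else:
        return []   # no header/body boundary: not a complete request
    request_line = head.split("\n", 1)[0].strip()
    if not request_line.upper().startswith("POST "):
        return []
    # parse_qsl percent-decodes values, so the length checked is the one the server sees.
    pairs = parse_qsl(body, keep_blank_values=True)
    return [(name, len(value)) for name, value in pairs if len(value) > MAX_FIELD_LEN]


def scan(requests):
    """Apply the check to a list of (port, raw_request) pairs; return (index, findings)
    for each request that triggered it."""
    hits = []
    for index, (port, raw) in enumerate(requests):
        findings = oversized_fields(port, raw)
        if findings:
            hits.append((index, findings))
    return hits


if __name__ == "__main__":
    for index, findings in scan(SAMPLE_REQUESTS):
        print(f"request {index}: oversized field(s) {findings}")
```

A real deployment would feed it reassembled HTTP bodies from a sensor or proxy log rather than the inline samples.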

The vendor has reportedly been notified.

The original advisory, including some descriptions of Dell's initial responses, is available at:

http://sh0dan.org/files/domadv.txt

Impact:   A remote user can cause the target service to crash and may be able to execute arbitrary code on the target system.
Solution:   Dell has issued a patch for OpenManage 3.2.0 through 3.7.1 releases for Server Administrator versions 1.2.0 through 1.7.0 and for the Management Station Component of Remote Install versions 1.0.0 through 1.2.0.

The patch file 'SA_Security_Patch_WIN_A01.exe' is available at:

http://support.dell.com/filelib/exportcompliance.aspx?FileID=96563&ReleaseID=R74029&location=2&st=
http://support.dell.com/filelib/exportcompliance.aspx?FileID=96563&ReleaseID=R74029&location=1&st=

Vendor URL:  support.dell.com/filelib/download.aspx?FileID=96563&c=us&l=en&s=DHS&Category=36&OS=WNT5&OSL=EN&SvcTag=&SysID=PWE_FOS_XEO_6650&DeviceID=2954&Type=&ReleaseID=R74029
Cause:   Boundary error
Underlying OS:  Windows (NT), Windows (2000), Windows (2003)

Message History:   This archive entry is a follow-up to the message listed below.
Feb 27 2004 Dell OpenManage Server Heap Overflow May Let Remote Users Execute Arbitrary Code



Source Message Contents

Subject:  Fix


http://support.dell.com/filelib/download.aspx?FileID=96563&c=us&l=en&s=DHS&Category=36&OS=WNT5&OSL=EN&SvcTag=&SysID=PWE_FOS_XEO_6650&DeviceID=2954&Type=&ReleaseID=R74029

 > Criticality: 2 = Critical


 > Release Title: Systems Management: Dell OpenManage Server Administrator Updates, Patch, Windows 2000, Windows NT 4.0, Windows Server 2003, English, Multi System, v.A01, SA_Security_Patch_WIN

 > FileName: SA_Security_Patch_WIN_A01.exe [136 KB]

 > Release Date: 3/2/2004

Dell has issued a patch for OpenManage 3.2.0 through 3.7.1 releases for Server Administrator versions 1.2.0 through 1.7.0 and for the Management Station Component of Remote Install versions 1.0.0 through 1.2.0.

Filename: SA_Security_Patch_WIN_A01.exe

Available at:

http://support.dell.com/filelib/exportcompliance.aspx?FileID=96563&ReleaseID=R74029&location=2&st=
http://support.dell.com/filelib/exportcompliance.aspx?FileID=96563&ReleaseID=R74029&location=1&st=

Copyright 2021, SecurityGlobal.net LLC