Added: 07/12/2010
CVE: CVE-2010-1929
BID: 40480
OSVDB: 65737
Novell iManager is a web-based management interface for other Novell products.
A buffer overflow vulnerability in jclient.dll allows remote attackers to execute arbitrary commands by sending a specially crafted EnteredClassName parameter to the nps/servlet/webacc program.
Upgrade to Novell iManager version 2.7.3 ftf4 or 2.7.4.
<http://secunia.com/advisories/40281>
Exploit works on Novell iManager 2.7.3 and requires a valid Novell iManager login, password, and tree name.
Windows