Novell.Remote.Manager.Off-by-One.DoS
Description
This indicates an attack attempt to exploit a Denial of Service vulnerability in Novell Remote Manager.
The vulnerability is due to an input validation error in the application when handling a maliciously crafted HTTP "Host" field. As a result, a remote attacker may be able to exploit this to cause a denial of service condition on the server via a crafted HTTP request.
Affected Products
Novell Remote Manager 2.0.2 Release 99.10
Impact
Denial of Service: Remote attackers can crash vulnerable systems.
Recommended Actions
We are currently unaware of any vendor-supplied patch or update available for this issue.
Note: Traffic through port 8009 is SSL encrypted, so this signature requires "SSL Inspection" in FortiOS 5.0, with the following configuration, to detect the attack through port 8009:
SSL Inspection Options->HTTPS Inspection Port(s): 8009
Coverage
IPS (Regular DB)
IPS (Extended DB)