Vulnerability Description
ACLCHECK module in Novell iChain 2.3 allows attackers to bypass access control rules of an unspecified component via an unspecified attack vector involving a string that contains escape sequences represented with "overlong UTF-8 encoding."
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Novell | Ichain | 2.3 |
References
- http://secunia.com/advisories/12366
- http://securitytracker.com/id?1011074
- http://support.novell.com/cgi-bin/search/searchtid.cgi?2972080.htm
- http://www.osvdb.org/9266
- http://www.securityfocus.com/bid/11061Patch
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17132
- http://secunia.com/advisories/12366
- http://securitytracker.com/id?1011074
- http://support.novell.com/cgi-bin/search/searchtid.cgi?2972080.htm
- http://www.osvdb.org/9266
- http://www.securityfocus.com/bid/11061Patch
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17132
FAQ
What is CVE-2004-2579?
CVE-2004-2579 is a vulnerability with a CVSS score of 7.5 (HIGH). ACLCHECK module in Novell iChain 2.3 allows attackers to bypass access control rules of an unspecified component via an unspecified attack vector involving a string that contains escape sequences repr...
How severe is CVE-2004-2579?
CVE-2004-2579 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-2579?
Check the references section above for vendor advisories and patch information. Affected products include: Novell Ichain.