{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Novell Linux Desktop 9 ;","product":{"name":"N/A","vendor":{"name":"Novell","scada":false}}},{"description":"Novell CASA 1.x ;","product":{"name":"N/A","vendor":{"name":"Novell","scada":false}}},{"description":"Novell Open Enterprise Server.","product":{"name":"N/A","vendor":{"name":"Novell","scada":false}}}],"affected_systems_content":null,"content":"## Resum\u00e9\n\nUne vuln\u00e9rabilit\u00e9 pr\u00e9sente dans Novell Casa (Common Authentication\nService Adapter) peut \u00eatre exploit\u00e9e par un utilisateur mal intention\u00e9\npour r\u00e9aliser un d\u00e9ni de service ou \u00e9xecuter du code arbitraire sur le\nsyst\u00e8me vuln\u00e9rable.\n\n## Description\n\nL'application Novell CASA (Common Authentication Service Adapter) est\nl'application Novell utilis\u00e9e pour l'authentification communes des\nclients Linux, windows.\n\nUne vuln\u00e9rabilit\u00e9 pr\u00e9sente sur le module pam_micasa peut \u00eatre exploit\u00e9e\npar un utilisateur mal intentionn\u00e9 pour causer un d\u00e9bordement de m\u00e9moire\net r\u00e9aliser un d\u00e9ni de service ou ex\u00e9cuter du code arbitraire \u00e0\ndistance.\n\n## Solution\n\nAppliquer le correctif disponible sur le site de l'\u00e9diteur (cf. section\ndocumentation).\n","cves":[],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 Novell du 22 f\u00e9vrier 2006 :","url":"http://www.novell.com/linux/security/advisories/2006_10_casa.html"},{"title":"Site internet de Novell :","url":"http://www.novell.com"}],"reference":"CERTA-2006-AVI-089","revisions":[{"description":"version initiale.","revision_date":"2006-02-23T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"}],"summary":null,"title":"Vuln\u00e9rabilit\u00e9 dans Novell CASA","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Mandriva","url":null}]}