Novell eDirectory Heap Overflow and Denial of Service Vulnerabilities

Last Update Date: 28 Jan 2011 Release Date: 8 Oct 2008 5297 Views

RISK: Medium Risk

Medium Risk

Multiple vulnerabilities have been identified in Novell eDirectory, which could be exploited by attackers to cause a denial of service or compromise a vulnerable system.

1. Due to heap overflow errors when processing update replica verbs (Opcode 0x23 and 0x24), which could be exploited by attackers to crash an affected service or execute arbitrary code.

2. Due to a heap overflow error when handling the DSV_READ verb (Opcode 0x0F), which could be exploited by attackers to crash an affected service or execute arbitrary code.

3. Due to an error when handling an invalid HTTP Content-Length field value, which could be exploited to cause a crash.

4. Due to an error when handling an oversized HTTP Accept-Language value, which could be exploited to cause a crash.

Impact

  • Denial of Service

System / Technologies affected

  • Novell eDirectory version 8.7.3 SP10 and prior
  • Novell eDirectory version 8.8.2 and prior

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Vulnerability Identifier

  • No CVE information is available

Source

Related Link

Share with

Previous

AppleTV Multiple Vulnerabilities

6 Oct 2008 5372 Views

Next

VMware ESX Server and VMware VirtualCenter Multiple Vulnerabilities

8 Oct 2008 5408 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY