Novell eDirectory iMonitor Buffer Overflow Vulnerability
RISK: Medium Risk
A vulnerability has been identified in Novell eDirectory, which could be exploited by remote attackers to cause a denial of service or compromise a vulnerable system. This issue is caused by a buffer overflow error in iMonitor when handling a malformed "Accept-Language" header, which could be exploited by remote attackers to crash an affected service or execute arbitrary code.
Impact
- Denial of Service
- Remote Code Execution
System / Technologies affected
- Novell eDirectory versions prior to 8.8 SP3 FTF3
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
Upgrade to Novell eDirectory 8.8 SP3 FTF3
Linux & Unix
http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5042340.htmlNetware
http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5042341.htmlWindows
http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5042342.html
Vulnerability Identifier
- No CVE information is available
Source
Related Link
- http://www.vupen.com/english/advisories/2009/0559
- http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5042340.html
- http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5042341.html
- http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5042342.html
Share with