Novell eDirectory Multiple Vulnerabilities

Last Update Date: 28 Jan 2011 Release Date: 2 Sep 2008 4808 Views

RISK: Medium Risk

Medium Risk

Multiple vulnerabilites have been identified in Novell eDirectory, which could be exploited by attackers to execute arbitrary scripting code, cause a denial of service or compromise a vulnerable system.

1. An unspecified heap overflow error, which could allow attackers to execute arbitrary code.

2. An unspecified memory corruption error, which could allow remote attackers to execute arbitrary code.

3. An unspecified buffer overflow error in LDAP, which could allow attackers to execute arbitrary code.

4. An unspecified input validation error in HTTPSTK, which could be exploited to conduct cross site scripting attacks.

5. A heap overflow error in HTTPSTK when processing the "Language" header, which could allow attackers to execute arbitrary code.

6. A heap overflow error in HTTPSTK when processing the "Content-length" header, which could allow attackers to execute arbitrary code.

Impact

  • Remote Code Execution

System / Technologies affected

  • Novell eDirectory version 8.8

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Upgrade to Novell eDirectory 8.8 SP3 :
http://www.novell.com/support/microsites/microsite.do

Vulnerability Identifier

  • No CVE information is available

Source

Related Link

Share with

Previous

Novell Forum TCL Command Injection Vulnerability

1 Sep 2008 4769 Views

Next

VMware Products Multiple Vulnerabilities

2 Sep 2008 4775 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY