|
Novell eDirectory Multiple Vulnerabilities
|
|
Secunia Advisory:
|
SA32111
|
|
|
Release Date:
|
2008-10-03
|
|
Last Update:
|
2008-10-09
|
|
Popularity:
|
2,033 views
|
|
|
Critical:
|
Moderately critical
|
|
Impact:
|
DoS
System access
|
|
Where:
|
From local network
|
|
Solution Status:
|
Vendor Patch
|
|
| Software: | Novell eDirectory 8.x
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities 
|
| | CVE reference: | CVE-2008-4478
CVE-2008-4479
CVE-2008-4480
|
|
Description:
Some vulnerabilities have been reported in Novell eDirectory, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
1) Two calculation errors exist in the processing of replica verbs (Opcode 0x23 and 0x24) within dhost.exe, which can be exploited to cause heap-based buffer overflows.
2) An integer overflow error exists in the processing of the DSV_READ verb (Opcode 0x0F) within dhost.exe, which can be exploited to cause a heap-based buffer overflow.
3) An integer overflow error exists in the processing of HTTP Content-Length headers, which can be exploited to cause a heap-based buffer overflow.
4) A boundary error exists in the processing of HTTP Accept-Language headers, which can be exploited to cause a heap-based buffer overflow.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
The vulnerabilities are reported in version 8.7.3 SP10.
Solution:
Apply 8.7.3 SP10 FTF1.
Provided and/or discovered by:
The vendor credits:
1, 2) Sebastian Apelt, reported via ZDI.
3, 4) An anonymous researcher, reported via ZDI.
Changelog:
2008-10-08: Updated "Description" section with additional vulnerability details. Added vendor links to the "Original Advisory" section and updated credits.
2008-10-09: Updated "Description" section with additional vulnerability details. Added reporter links to the "Original Advisory" section. Added CVE references and updated credits.
Original Advisory:
Novell:
http://www.novell.com/support/viewContent.do?externalId=3477912
http://www.novell.com/support/viewContent.do?externalId=7001183
http://www.novell.com/support/viewContent.do?externalId=7001184
http://www.novell.com/support/viewContent.do?externalId=7000087
http://www.novell.com/support/viewContent.do?externalId=7000086
ZDI:
http://www.zerodayinitiative.com/advisories/ZDI-08-063/
http://www.zerodayinitiative.com/advisories/ZDI-08-064/
http://www.zerodayinitiative.com/advisories/ZDI-08-065/
http://www.zerodayinitiative.com/advisories/ZDI-08-066/
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
|
|
5th Jan, 2009
|
New advisories:
|
15 |
|
New vulnerabilities:
|
33 |
|
Updated advisories:
|
65 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
 Solutions | More...
|
|
