Zero-friction vulnerability management platform
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Novell eDirectory Multiple Vulnerabilities (Linux)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
This host is running Novell eDirectory, which is prone to XSS, Denial of Service, and Remote Code Execution Vulnerabilities.
Insight
Insight
Multiple flaw are due to, - errors in HTTP Protocol Stack that can be exploited to cause heap based buffer overflow via a specially crafted language/content-length headers. - input passed via unspecified parameters to the HTTP Protocol Stack is not properly sanitzed before being returned to the user. - Multiple unknown error exist in LDAP and NDS services.
Affected Software
Affected Software
Novell eDirectory 8.8 SP2 and prior versions on Linux (All).
Solution
Solution
Apply 8.8 Service Pack 3.
Common Vulnerabilities and Exposures (CVE)
References
- http://secunia.com/advisories/31684
- http://securitytracker.com/alerts/2008/Aug/1020788.html
- http://securitytracker.com/alerts/2008/Aug/1020787.html
- http://securitytracker.com/alerts/2008/Aug/1020786.html
- http://securitytracker.com/alerts/2008/Aug/1020785.html
- http://download.novell.com/Download?buildid=RH_B5b3M6EQ~