Update Protection against Novell eDirectory NDS Verb Integer Overflow Vulnerability
| Check Point Reference: | CPAI-2010-014 | |
| Date Published: | ||
| Severity: | ||
| Last Updated: | ||
| Source: | Secunia Advisory: SA37554 | |
| Industry Reference(s): | CVE-2009-0895 | |
| Protection Provided by: |
Security Gateway
|
|
| Who is Vulnerable? Novell eDirectory 8.8.x prior to 8.8.5.2 Novell eDirectory prior to 8.7.3 SP10 FTF2 | ||
| Vulnerability Description An integer overflow was identified in Novell eDirectory. Novell eDirectory is a Lightweight Directory Access Protocol (LDAP) directory-based identity management system that centralizes the management of user identities, access privileges and many other network resources. An attacker can exploit this vulnerability to execute arbitrary code on a target system. |
||
|
Update/Patch Available Apply patches: Novell |
|
|
Vulnerability Details The vulnerability is due to errors in Novell eDirectory when processing maliciously crafted service requests (NDS Verb 0x1) with an overly large integer value that would be used in a memory allocation. A remote attacker can exploit this issue by sending a specially crafted request to a target host. Successful exploitation could allow the attacker to execute arbitrary code on the affected service. |
Protection Overview
This protection will detect and block malformed Novell NDS packets sent to the eDirectory system.
In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, Protection tab and select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.
Additional Information
Security Vulnerability: Novell eDirectory Heap-based Buffer Overflow