Update Protection against Novell iManager eDirectory Plugin Schema Buffer Overflow Vulnerability
| Check Point Reference: | CPAI-2010-108 |
| Date Published: | |
| Severity: | |
| Last Updated: | |
| Source: | Secunia Advisory SA38030 |
| Industry Reference(s): | CVE-2009-4486 |
| Protection Provided by: | Security Gateway |
Who is Vulnerable?
Novell iManager 2.7.2 and prior
Vulnerability Description
A stack buffer overflow vulnerability was reported in the Novell iManager eDirectory plugin. Novell iManager is a web-based administration console that provides management of many other Novell products. The vulnerability is due to improper validation of user input by a sub-application. A remote, authenticated attacker can exploit this vulnerability by sending specially crafted parameters to the application. Successful exploitation of this vulnerability would result in arbitrary code execution with SYSTEM privileges.
Update/Patch Available
The vendor, Novell, has released an advisory addressing this vulnerability: http://www.novell.com/support/viewContent.do?externalId=7004985&sliceId=1
Vulnerability Details
The vulnerability is caused by a boundary error in the eDirectory plugin when processing schema information. Successful exploitation allows execution of arbitrary code.
Protection Overview
This protection will detect and block HTTP requests to the Novell iManager plugin with invalid request parameters.
In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, Protection tab and select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.