| Check Point Reference: |
CPAI-2008-224 |
| Date Published: |
10 Oct 2008 |
| Severity: |
High
|
| Last Updated: |
Tuesday 01 January, 2008 |
| Source: |
SecurityTracker Alert ID: 1020786 |
| Industry Reference: | CVE-2008-4478 |
| Protection Provided by: |
|
| Who is Vulnerable? | Novell eDirectory 8.8 prior to SP3
Novell eDirectory 8.7.3 prior to SP10 FTF1 |
| Vulnerability Description |
A remote code execution vulnerability exists in Novell eDirectory. Novell eDirectory is a cross-platform directory server used for identity management. Novell eDirectory utilizes various protocols to provide information services to various platforms, including HTTP-based SOAP. Novell eDirectory fails to handle SOAP connections with specially crafted Content-Length value.Unauthenticated remote attackers could exploit this vulnerability to execute arbitrary code by sending a maliciously crafted SOAP request to a vulnerable installation of Noverll eDirectory. |
| Update/Patch Avaliable | Novell has issued an update to correct this vulnerability:
TID 7000087 |
| Vulnerability Details | The vulnerability lies in the web console running on 8028/TCP and 8030/TCP. Novell eDirectory uses a web console to accept SOAP connections. While parsing a malicious Content-Length header value within a SOAP request, several integer overflows can occur, that may lead to arbitrary code execution on a vulnerable installation of Novell eDirectory. |
Feedback