Detections
Analytics

Novell eDirectory < 8.8.2 FTF2 / 8.7.3 SP10b Multiple Remote Overflows

critical Nessus Plugin ID 33397

Language:

Synopsis

The remote directory service is affected by multiple buffer overflows.

Description

The remote host is running eDirectory, a directory service software from Novell.

The installed version of eDirectory is affected by an integer overflow issue in ds.dlm / dhost.exe (bound by default to TCP port 524) as well as a heap-based buffer overflow that can be triggered by passing NULL search parameters to the LDAP service. An unauthenticated attacker may be able to leverage either issue to execute code on the remote host with SYSTEM privileges.

Solution

Upgrade to eDirectory 8.8.2 FTF2 / 8.7.3 SP10b or later.

See Also

https://www.zerodayinitiative.com/advisories/ZDI-08-041/

https://seclists.org/fulldisclosure/2008/Jul/145

http://www.nessus.org/u?0f5cb3d8

https://seclists.org/fulldisclosure/2008/Jul/146

https://support.microfocus.com/kb/doc.php?id=3694858

https://support.microfocus.com/kb/doc.php?id=3843876

Plugin Details

Severity: Critical

ID: 33397

File Name: edirectory_ds_integer_overflow.nasl

Version: 1.20

Type: remote

Published: 7/7/2008

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:novell:edirectory

Required KB Items: Services/ldap

Exploit Ease: No known exploits are available

Reference Information

CVE: CVE-2008-1809, CVE-2008-3159

BID: 30085, 30175

CWE: 119, 189