This host is installed with Novell eDirectory and is prone to multiple vulnerabilities.

Successful exploitation will allow attackers to execute arbitrary script code in a user's browser session within the trust relationship between their browser and the server, and disclose virtual memory including passwords. Impact Level: Application

Upgrade to Novell eDirectory version 8.8 SP8 Patch 4 or later. For updates refer https://www.netiq.com

Multiple errors exists due to, - Improper sanitization by the /nds/search/data script when input is passed via the 'rdn' parameter. - An error in the /nds/files/opt/novell/eDirectory/lib64/ndsimon/public/images.

Novell eDirectory versions prior to 8.8 SP8 Patch 4

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

• http://osvdb.org/116128
• http://osvdb.org/116129
• http://www.securityfocus.com/archive/1/534284
• http://www.securitytracker.com/id/1031408
• https://www.novell.com/support/kb/doc.php?id=3426981

---

Updated on 2015-03-25