Summary
This host is running Novell eDirectory and is prone to multiple stack-based buffer overflow vulnerabilities.
Impact
Successful exploitation will allow remote attackers to execute arbitrary code and cause a denial of service on the server.
Impact Level: System/Application
Solution
Upgrade to Novell eDirectory version 8.8.1 FTF1 or 8.7.3.9 (8.7.3 SP9). For updates, refer to http://www.novell.com/support/kb/doc.php?id=3723994
Insight
The flaws are due to improper validation of user-supplied input via a long HTTP Host header, which triggers an overflow in the BuildRedirectURL function.
Affected
Novell eDirectory 8.8.x to 8.8.1, and 8.x to 8.7.3.8 (8.7.3 SP8)
Severity
Classification
- CVE: CVE-2006-5478
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- ActFax Server Multiple Remote Buffer Overflow Vulnerabilities
- 7T Interactive Graphical SCADA System 'dc.exe' Command Injection Vulnerability
- Apache 'mod_proxy_http.c' Denial Of Service Vulnerability
- CA eTrust SCM Multiple HTTP Gateway Service Vulnerabilities
- Apple Safari Multiple Vulnerabilities June-09 (Win) - II