Summary
This host is running Novell eDirectory and is prone to multiple vulnerabilities.
Impact
Successful exploitation allows attackers to crash the service leading to denial of service condition.
Impact Level: Application
Solution
Upgrade to Novell eDirectory 8.8 SP5 or later
http://www.novell.com/products/edirectory/
Insight
- An unspecified error occurs in DS\NDSD component while processing malformed LDAP request containing multiple . (dot) wildcard characters in the Relative Distinguished Name (RDN).
- An unspecified error occurs in DS\NDSD component while processing malformed bind LDAP packets.
- Off-by-one error occurs in the iMonitor component while processing malicious HTTP request with a crafted Accept-Language header.
Affected
Novell eDirectory 8.8 before SP5 on Linux.
References
Severity
Classification
-
CVE CVE-2009-0192, CVE-2009-2456, CVE-2009-2457 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities