Novell EDirectory NCP Memory Corruption Vulnerability - (Linux) Network Vulnerability

Summary

This host is running Novell eDirectory and is prone to Memory Corruption Vulnerability.

Impact

Successful exploitation allows attackers to corrupt process memory, which will allow remote code execution on the target machines or can cause denial of service condition. Impact Level: Application

Solution

Upgrade to 8.7.3 SP10 FTF1 or 8.8 SP3, or Apply the available patch from below link, http://download.novell.com/Download?buildid=DwSGwHlu4pc~ http://download.novell.com/Download?buildid=wxO984kvjmc~ ***** NOTE: Ignore this warning if above mentioned patch is already applied. *****

Insight

The flaw is due to a use-after-free error in the NetWare Core Protocol(NCP) engine when handling 'Get NCP Extension Information by Name' Requests.

Affected

Novell eDirectory before 8.7.3 SP10 and 8.8 SP2 and prior on Linux.

References

http://secunia.com/advisories/32395
http://xforce.iss.net/xforce/xfdb/46138

Updated on 2017-03-28

Severity

Classification

CVE CVE-2008-5038

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe AIR Multiple Vulnerabilities -02 April 13 (Windows)
Adobe AIR Multiple Vulnerabilities(APSB14-24)-(Mac OS X)
Adobe Flash Player Buffer Overflow Vulnerability - Apr14 (Mac OS X)
Adobe Acrobat Multiple Vulnerabilities - 01 Jan14 (Mac OS X)
Adobe Acrobat Multiple Vulnerabilities - Mac OS X

Novell eDirectory NCP Memory Corruption Vulnerability - (Linux)

Take action and discover your vulnerabilities