Novell is now a part of Micro Focus

My Favorites

Close

Please to see your favorites.

Buffer overflow vulnerability against eDirectory 8.7.3 imonitor on Windows

(Last modified: 30May2006)

This document (10098568) is provided subject to the disclaimer at the end of this document.

symptom

Buffer overflow vulnerability against eDirectory 8.7.3 imonitor on Windows

fact

Novell eDirectory 8.7 for Windows NT

Novell eDirectory 8.7 for Windows 2000

Novell eDirectory 8.7.1 for Windows NT

Novell eDirectory 8.7.1 for Windows 2000

Novell eDirectory 8.7.3 for Windows 2000

Novell eDirectory 8.7.3 for Windows 2003

Novell eDirectory 8.7.3 for Windows NT

symptom

This vulnerability will cause dhost.exe to crash causing a denial of service and can allow access to files.

fix

Apply edir873ptf_imon1.exe available at Novell Support Site to resolve the vulnerability.  This fix should be applied to eDirectory 8.7.3 IR4 or 8.7.3 IR6.  The fix will be included in IR7.  See TID 2972038 for the  patch. Versions of eDirectory prior to 8.7.3 should upgrade eDirectory to 8.7.3 then apply the latest version service pack available at on Novell's Support Site www.novell.com/support

note

This vulnerability was reported by NGS Software NGS

Expansion of vulnerability reported by David Gloede, Michael Ligh, Ryan Smith and Amanda Wright.

CAN-2005-2551

CERT VU# 213165

disclaimer

The Origin of this information may be internal or external to Novell. Novell makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Novell makes no explicit or implied claims to the validity of this information.
Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information.

  • Document ID:
  • 10098568
  • Solution ID: NOVL103077
  • Creation Date: 09Aug2005
  • Modified Date: 30May2006
    • NovellDirectory Services

Did this document solve your problem? Provide Feedback