Security vulnerability: evtFilteredMonitorEventsRequest Heap Overflow

  • 3496175
  • 11-Jan-2008
  • 27-Jan-2014

Environment


Novell eDirectory 8.8.1 for All Platforms
Novell eDirectory 8.8 for All Platforms
Novell eDirectory 8.7.3.8 and prior for All Platforms

Situation

Successful exploitation of this vulnerability could allow an attacker to crash the server or execute arbitrary code. No credentials are required. Typically this daemon runs with administrator privileges.

Resolution

This vulnerability is resolved by applying eDirectory 8.8.1 ftf or newer version for eDirectory 8.8.X

edir881ftf_1.exe for NetWare/Windows and edir881ftf_1.tgz for Linux/Solaris/AIX is available at https://dl.netiq.com

This vulnerability is resolved by applying eDirectory 8.7.3 sp9 or newer version for eDirectory 8.7.3.X

https://support.novell.com/servlet/filedownload/uns/ftf/edir8739.tgz for AIX/Solaris/Linux
https://support.novell.com/servlet/filedownload/uns/ftf/edir8739.exe for NetWare/Windows

Status

Reported to Engineering
Security Alert

Additional Information

This vulnerability was reported by iDefense  http://www.idefense.com
iDefense #IDEF1747
CVE‑2006‑4509