Security Vulnerability: Integer overflow stack corruption

This document (3694858) is provided subject to the disclaimer at the end of this document.

Environment

Novell eDirectory 8.8 for All Platforms
Novell eDirectory 8.7.3 for All Platforms

Situation

The specific flaw exists within the ds module loaded by dhost, bound by default to TCP port 524. Flawed arithmetic applied to a user-supplied value results in an integer overflow and subsequently a complete stack smash, allowing an attacker to execute arbitrary code via SEH redirection.
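The class of defect described above, shown as an added illustration rather than eDirectory code: a bounds check that adds to an untrusted 32-bit length wraps and accepts an oversized value, while a check that subtracts from the known buffer size does not. All names and sizes here are hypothetical.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical sizes, chosen for illustration only. */
#define STACK_BUF_SIZE 256u /* fixed-size stack buffer */
#define HDR_LEN 16u         /* header placed before the payload */

/* Flawed: the sum is computed modulo 2^32, so a length near UINT32_MAX
 * produces a small total that passes the comparison. */
bool flawed_length_ok(uint32_t payload_len)
{
    uint32_t total = payload_len + HDR_LEN;
    return total <= STACK_BUF_SIZE;
}

/* Hardened: no arithmetic on the untrusted value; compare it against the
 * space that remains after the header. */
bool safe_length_ok(uint32_t payload_len)
{
    return payload_len <= STACK_BUF_SIZE - HDR_LEN;
}

/* Copies the payload behind a zeroed header only when the declared length
 * fits the buffer and does not exceed the bytes actually received.
 * Returns the frame size, or -1 when the request is rejected. */
int handle_request(const uint8_t *payload, uint32_t declared_len, size_t received)
{
    uint8_t frame[STACK_BUF_SIZE];

    if (!safe_length_ok(declared_len) || declared_len > received)
        return -1;
    memset(frame, 0, HDR_LEN);
    memcpy(frame + HDR_LEN, payload, declared_len);
    return (int)(HDR_LEN + declared_len);
}

int main(void)
{
    const uint32_t wrapped = 0xFFFFFFF8u; /* constructed sample length */
    const uint8_t sample[8] = {0};        /* constructed sample payload */

    printf("flawed check accepts 0x%08X: %d\n", (unsigned)wrapped, flawed_length_ok(wrapped));
    printf("safe check accepts 0x%08X: %d\n", (unsigned)wrapped, safe_length_ok(wrapped));
    printf("handle_request result: %d\n", handle_request(sample, wrapped, sizeof sample));
    return 0;
}
```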

Resolution

To resolve this issue in eDirectory 8.8.2:

Apply eDir 8.8.2 ftf2 or later

To resolve this issue in eDirectory 8.7.3:

Apply eDir 8.7.3 SP10b or later


Status

Security Alert

Additional Information

The vulnerability was reported by Sebastian Apelt through TippingPoint and the Zero Day Initiative.

http://www.zerodayinitiative.com/advisories/ZDI-CAN-276.html

ZDI-CAN-276: Integer overflow stack corruption


Disclaimer

This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID: 3694858
  • Creation Date: 10-MAR-08
  • Modified Date: 26-APR-12
    • NetIQ eDirectory
