Novell is now a part of Micro Focus

My Favorites


Please to see your favorites.

Security Vulnerability: Integer overflow stack corruption

This document (3694858) is provided subject to the disclaimer at the end of this document.


Novell eDirectory 8.8 for All Platforms
Novell eDirectory 8.7.3 for All Platforms


The specific flaw exists within the ds module loaded by dhost, bound by default to TCP port 524. Flawed arithmetic applied to a user-supplied value results in an integer overflow and subsequently a
complete stack smash allowing an attacker to execute arbitrary code via SEH redirection.


To resolve this issue in eDirectory 8.8.2:

Apply eDir 8.8.2 ftf2 or later

To resolve this issue in eDirectory 8.7.3:

Apply eDir 8.7.3 SP10b or later


Security Alert

Additional Information

The vulnerability was reported by Sebastian Apelt through TippingPoint and the Zero Day Initiative.

ZDI-CAN-276: Integer overflow stack corruption


This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:3694858
  • Creation Date:10-MAR-08
  • Modified Date:26-APR-12
    • NetIQeDirectory

Did this document solve your problem? Provide Feedback