Environment
Novell eDirectory 8.8 for All Platforms
Novell eDirectory 8.7.3 for All Platforms
Situation
A heap based buffer overflow in LDAP can be exploited to allow for
remote execution of code or a denial of service by causing
eDirectory to crash.
Resolution
To resolve this issue for eDirectory 8.8:
Apply eDirectory 8.8.2 FTF2 or later
To resolve this issue for eDirectory 8.7.3:
Apply eDirectory 8.7.3.10b or later
Both patches are available at https://dl.netiq.com
Apply eDirectory 8.8.2 FTF2 or later
To resolve this issue for eDirectory 8.7.3:
Apply eDirectory 8.7.3.10b or later
Both patches are available at https://dl.netiq.com
Status
Reported to EngineeringSecurity Alert
Additional Information
This vulnerability was reported by an anonymous researcher working with iDefense VCP. https://www.idefense.com
CVE-2008-1809
CVE-2008-1809