Security Vulnerability: eDirectory DoS dhost request with certain characters

  • 7011533
  • 18-Dec-2012
  • 27-Jan-2014

Environment


NetIQ eDirectory 8.8.7.X on Windows
NetIQ eDirectory 8.8.6.X on Windows

Situation

dhost on Windows can be caused to crash with crafted authenticated http requests that contains certain special characters.


Resolution

To protect against this issue, apply eDirectory 8.8.7.2 or newer code for eDirectory 8.8.7.X and eDirectory 8.8.6.X available at https://dl.netiq.com

Status

Security Alert

Additional Information

This vulnerability was reported by specialists of Positive Research, The Positive Techologies company research center.

CVE-2012-0429