Novell is now a part of Micro Focus

My Favorites

Close

Please to see your favorites.

Security Vulnerability: eDirectory eMBox SOAP Request Parsing DoS

This document (7005341) is provided subject to the disclaimer at the end of this document.

Environment


Novell eDirectory 8.7.3.10 for All Platforms
Novell eDirectory 8.8 for All Platforms

Situation

The specific flaw exists within the NDS daemon's SOAP service. When a malformed request is made to the novell.embox.connmgr.serverinfo SOAP action, the daemon makes an illegal reference thereby resulting in a
denial of service.

Resolution

This vulnerability is resolved in eDirectory 8.8.5 patch 3 or newer.

For eDirectory 8.8.X:

Apply eDirectory 8.8.5 patch 3 or newer version available by download at http://dl.netiq.com

For eDirectory 8.7.3.X:

Option 1:  Upgrade to 8.8.5 patch 3

Option 2:  DIsable eMBox on the server.
 
Linux/Unix:
Modify the /usr/lib/nds-modules/ndsmodules.conf file and comment out the embox module to prevent ndsd from auto loading the module.
Rename the /usr/lib/nds-modules/libembox.so* files so that the modules can't be loaded.
     EX:  mv /usr/lib/nds-modules/libembox.so /usr/lib/nds-modules/libembox.so.bak; mv /usr/lib/nds-modules/libembox.so.1.0 /usr/lib/nds-modules/libembox.so.1.0-bak

Windows:
Stop the embox.dlm in the Novell eDirectory Services under Control Panel.
Rename or move the c:\novell\nds\embox.dlm. 
   EX:  Rename c:\novell\nds\embox.dlm to embox.bak

NetWare:
Unload embox.nlm
Rename or move the SYS:\SYSTEM\embox.nlm
   EX:  Rename SYS:\SYSTEM\EMBOX.NLM to EMBOX.OLD
Modify the SYS:\SYSTEM\AUTOEXEC.NCF to make sure embox.nlm isn't being loaded.
 


Additional Information

This vulnerability was reported by TippingPoint, The Zero Day Initiative ZDI
This vulnerability was discovered by:    * 1c239c43f521145fa8385d64a9c32243


Disclaimer

This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:7005341
  • Creation Date:12-FEB-10
  • Modified Date:27-JAN-14
    • NetIQeDirectory

Did this document solve your problem? Provide Feedback