Security Vulnerability: eDirectory eMBox SOAP Request Parsing DoS

  • 7005341
  • 12-Feb-2010
  • 27-Jan-2014

Environment


Novell eDirectory 8.7.3.10 for All Platforms
Novell eDirectory 8.8 for All Platforms

Situation

The specific flaw exists within the NDS daemon's SOAP service. When a malformed request is made to the novell.embox.connmgr.serverinfo SOAP action, the daemon makes an illegal reference thereby resulting in a
denial of service.

Resolution

This vulnerability is resolved in eDirectory 8.8.5 patch 3 or newer.

For eDirectory 8.8.X:

Apply eDirectory 8.8.5 patch 3 or newer version available by download at https://dl.netiq.com

For eDirectory 8.7.3.X:

Option 1:  Upgrade to 8.8.5 patch 3

Option 2:  DIsable eMBox on the server.
 
Linux/Unix:
Modify the /usr/lib/nds-modules/ndsmodules.conf file and comment out the embox module to prevent ndsd from auto loading the module.
Rename the /usr/lib/nds-modules/libembox.so* files so that the modules can't be loaded.
     EX:  mv /usr/lib/nds-modules/libembox.so /usr/lib/nds-modules/libembox.so.bak; mv /usr/lib/nds-modules/libembox.so.1.0 /usr/lib/nds-modules/libembox.so.1.0-bak

Windows:
Stop the embox.dlm in the Novell eDirectory Services under Control Panel.
Rename or move the c:\novell\nds\embox.dlm. 
   EX:  Rename c:\novell\nds\embox.dlm to embox.bak

NetWare:
Unload embox.nlm
Rename or move the SYS:\SYSTEM\embox.nlm
   EX:  Rename SYS:\SYSTEM\EMBOX.NLM to EMBOX.OLD
Modify the SYS:\SYSTEM\AUTOEXEC.NCF to make sure embox.nlm isn't being loaded.
 


Additional Information

This vulnerability was reported by TippingPoint, The Zero Day Initiative ZDI
This vulnerability was discovered by:    * 1c239c43f521145fa8385d64a9c32243