| VID |
12075 |
| Severity |
40 |
| Port |
8008,8010 |
| Protocol |
TCP |
| Class |
WWW |
| Detailed Description |
The Novell eDirectory Server iMonitor is vulnerable to a buffer overflow vulnerability. Novell eDirectory is a Lightweight Directory Access Protocol (LDAP)-enabled, directory-based identity management system that centralizes the management of user identities, access privileges and other network resources. Novell eDirectory version 8.7.3 and possibly earlier versions for Windows platforms is vulnerable to a buffer overflow in dhost.exe in iMonitor. A remote attacker could exploit this vulnerability to execute arbitrary code execution with Local System privileges or possibly cause the dhost.exe to crash. The server must be restarted to resume normal operation.
* References:
http://www.kb.cert.org/vuls/id/213165
http://secunia.com/advisories/16393/
http://support.novell.com/cgi-bin/search/searchtid.cgi?/10098568.htm
http://support.novell.com/cgi-bin/search/searchtid.cgi?/2972038.htm
* Platforms Affected:
Novell eDirectory version 8.7.3 and possibly earlier versions
Microsoft Windows Any version |
| Recommendation |
Upgrade to the appropriate patch for your system, as listed in Novell Technical Information Document TID10098568 at http://support.novell.com/cgi-bin/search/searchtid.cgi?/10098568.htm |
| Related URL |
CVE-2005-2551 (CVE) |
| Related URL |
14548 (SecurityFocus) |
| Related URL |
21794 (ISS) |
|
