Lumension® Endpoint Intelligence Center


Overview

Vulnerability Score: 10.0
CVE Id: CVE-2008-4478
Last Modified: 07 Mar 2011 10:12:31
Published: 14 Oct 2008 06:36:53
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE

CVE-2008-4478

Summary

Multiple integer overflows in dhost.exe in Novell eDirectory 8.8 before 8.8.3, and 8.73 before 8.7.3.10 ftf1, allow remote attackers to execute arbitrary code via a crafted (1) Content-Length header in a SOAP request or (2) NetWare Core Protocol opcode 0x0F message, which triggers a heap-based buffer overflow.

Vulnerable Systems

Application

  • Novell eDirectory 8.7

  • Novell eDirectory 8.7.1

  • Novell eDirectory 8.7.3

  • Novell eDirectory 8.7.3.10

  • Novell eDirectory 8.7.3.8

  • Novell eDirectory 8.7.3.8 Presp9

  • Novell eDirectory 8.7.3.9

  • Novell eDirectory 8.8

  • Novell eDirectory 8.8.1

  • Novell eDirectory 8.8.2


References

CONFIRM - http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037181.html

CONFIRM - http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037180.html

XF - novell-edirectory-httpcontentlength-dos(45628)

MISC - http://www.zerodayinitiative.com/advisories/ZDI-08-065

MISC - http://www.zerodayinitiative.com/advisories/ZDI-08-063

VUPEN - ADV-2008-2738

SECTRACK - 1020990

SECTRACK - 1020989

BUGTRAQ - 20081008 ZDI-08-065: Novell eDirectory Core Protocol Opcode 0x0F Heap Overflow Vulnerability

BUGTRAQ - 20081008 ZDI-08-063: Novell eDirectory dhost.exe Content-Length Header Heap Overflow Vulnerability

CONFIRM - http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=7001184&sliceId=1&docTypeID=DT_TID_1_1&dialogID=78066829&stateId=0%200%2078062953

CONFIRM - http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=7000087&sliceId=1&docTypeID=DT_TID_1_1&dialogID=78066829&stateId=0%200%2078062953

SREASON - 4406

SECUNIA - 32111


Last Updated: 27 May 2016 10:48:30