Security Vulnerability: eDirectory NMAS BerDecodeLoginDataRequest DoS

  • 3226177
  • 30-Oct-2006
  • 27-Jan-2014


Novell Modular Authentication Service (NMAS) version 3.1.1 and prior
Novell eDirectory 8.7.3
Novell eDirectory 8.8


Remote exploitation of a denial of service (DoS) vulnerability in eDirectory product could allow an attacker to force the running daemon to cease servicing requests.


This vulnerability is fixed in NMAS 3.1.2 or later.

NMAS 3.1.2 is part of Security Services 2.0.3 which is available at the following location:

Go to to download the latest Security Services Pack.


Reported to Engineering
Security Alert

Additional Information

This vulnerability was reported by iDefense

iDefense #IDEF1735

Feedback service temporarily unavailable. For content questions or problems, please contact Support.