Environment
Novell eDirectory 8.8 for All Platforms
Novell eDirectory 8.7.3 for All Platforms
Novell eDirectory 8.7.3 for All Platforms
Situation
The specific flaw exists within the ds module loaded by dhost, bound by default to TCP port 524. Flawed arithmetic applied to a user-supplied value results in an integer overflow and subsequently a
complete stack smash allowing an attacker to execute arbitrary code via SEH redirection.
complete stack smash allowing an attacker to execute arbitrary code via SEH redirection.
Resolution
To resolve this issue in eDirectory 8.8.2:
Apply eDir 8.8.2 ftf2 or later
To resolve this issue in eDirectory 8.7.3:
Apply eDir 8.7.3 SP10b or later
Apply eDir 8.8.2 ftf2 or later
To resolve this issue in eDirectory 8.7.3:
Apply eDir 8.7.3 SP10b or later
Status
Security AlertAdditional Information
The vulnerability was reported by Sebastian Apelt through TippingPoint and the Zero Day Initiative.
http://www.zerodayinitiative.com/advisories/ZDI-CAN-276.html
ZDI-CAN-276: Integer overflow stack corruption
http://www.zerodayinitiative.com/advisories/ZDI-CAN-276.html
ZDI-CAN-276: Integer overflow stack corruption
