Security Vulnerability - LDAP Buffer Overflow

  • 3843876
  • 02-Apr-2008
  • 27-Jan-2014


Novell eDirectory 8.8 for All Platforms
Novell eDirectory 8.7.3 for All Platforms


A heap based buffer overflow in LDAP can be exploited to allow for remote execution of code or a denial of service by causing eDirectory to crash.


To resolve this issue for eDirectory 8.8:

Apply eDirectory 8.8.2 FTF2 or later

To resolve this issue for eDirectory 8.7.3:

Apply eDirectory or later

Both patches are available at


Reported to Engineering
Security Alert

Additional Information

This vulnerability was reported by an anonymous researcher working with iDefense VCP.