Security Vulnerability - LDAP Buffer Overflow

  • 3843876
  • 02-Apr-2008
  • 27-Jan-2014


Novell eDirectory 8.8 for All Platforms
Novell eDirectory 8.7.3 for All Platforms


A heap based buffer overflow in LDAP can be exploited to allow for remote execution of code or a denial of service by causing eDirectory to crash.


To resolve this issue for eDirectory 8.8:

Apply eDirectory 8.8.2 FTF2 or later

To resolve this issue for eDirectory 8.7.3:

Apply eDirectory or later

Both patches are available at


Reported to Engineering
Security Alert

Additional Information

This vulnerability was reported by an anonymous researcher working with iDefense VCP.


Feedback service temporarily unavailable. For content questions or problems, please contact Support.