Security Vulnerability - LDAP Buffer Overflow

  • 3843876
  • 02-Apr-2008
  • 27-Jan-2014

Environment


Novell eDirectory 8.8 for All Platforms
Novell eDirectory 8.7.3 for All Platforms

Situation

A heap based buffer overflow in LDAP can be exploited to allow for remote execution of code or a denial of service by causing eDirectory to crash.

Resolution

To resolve this issue for eDirectory 8.8:

Apply eDirectory 8.8.2 FTF2 or later

To resolve this issue for eDirectory 8.7.3:

Apply eDirectory 8.7.3.10b or later

Both patches are available at https://dl.netiq.com

Status

Reported to Engineering
Security Alert

Additional Information

This vulnerability was reported by an anonymous researcher working with iDefense VCP. https://www.idefense.com

CVE-2008-1809

Feedback service temporarily unavailable. For content questions or problems, please contact Support.