Security Vulnerability: DHOST Language Header Heap Overflow

  • 7000086
  • 14-Apr-2008
  • 26-Apr-2012


Novell eDirectory 8.8 for All Platforms
Novell eDirectory 8.7.3 for All Platforms


The length of the "Accept-Language" value can cause a buffer overflow and overwrite the adjacent memory.


For eDirectory 8.8:
Apply eDirectory 8.8.3

For eDirectory 8.7.3:
Apply eDirectory ftf1

Additional Information

ZDI-08-064: eDirectory Accept Language header heap overflow

This vulnerability was reported by an anonymous source through Zero Day Initiative (ZDI) established by TippingPoint, a division of 3Com.