Environment
Novell eDirectory 8.8 for All Platforms
Novell eDirectory 8.7.3 for All Platforms
Situation
The length of the "Accept-Language" value can cause a buffer overflow and overwrite the adjacent memory.
Resolution
For eDirectory 8.8:
Apply eDirectory 8.8.3
For eDirectory 8.7.3:
Apply eDirectory 8.7.3.10 ftf1
Apply eDirectory 8.8.3
For eDirectory 8.7.3:
Apply eDirectory 8.7.3.10 ftf1
Additional Information
ZDI-08-064: eDirectory Accept Language header heap overflow
http://www.zerodayinitiative.com/advisories/ZDI-08-064.html
This vulnerability was reported by an anonymous source through Zero Day Initiative (ZDI) established by TippingPoint, a division of 3Com.
CVE-2008-4479
http://www.zerodayinitiative.com/advisories/ZDI-08-064.html
This vulnerability was reported by an anonymous source through Zero Day Initiative (ZDI) established by TippingPoint, a division of 3Com.
CVE-2008-4479
