Security Vulnerability - eDirectory Core Protocol Opcode 0x0F Heap Overflow

  • 7001184
  • 19-Aug-2008
  • 26-Apr-2012


Novell eDirectory 8.8 for All Platforms
Novell eDirectory 8.7.3 for All Platforms


A flaw exists in the calculation of memory allocation based on user supplied input.  This flaw can result in a heap overflow which could cause a ds crash and/or arbitrary code execution.


To resolve this issue:

In eDirectory 8.8.X:
Apply eDirectory 8.8.3

In eDirectory 8.7.3.X
Fix is targetted for eDirectory ftf1


Reported to Engineering
Security Alert

Additional Information


This vulnerability was discovered by Sebastian Apelt ( and reported by Zero Day Initiative (ZDI) established by TippingPoint, a division of 3Com.


Feedback service temporarily unavailable. For content questions or problems, please contact Support.