Security Vulnerability: iMonitor variable input validation failure causing DoS

  • Document ID:7004703
  • Creation Date:20-Oct-2009
  • Modified Date:27-Jan-2014
    • Micro Focus Products:
      eDirectory

Environment

Novell eDirectory 8.8 for All Platforms

Situation

iMonitor contains a defect where some input variables may not be validated resulting in an possible eDirectory crash causing a Denial of Service.

Resolution

This problem has been resolved in eDirectory 8.8.5 ftf1.

To resolve this issue, apply eDirectory 8.8.5 ftf1 or newer available at https://dl.netiq.com


Additional Information

This vulnerability was not reproducible on eDirectory 8.7.3.

This vulnerability was reported by  Offensive Security - http://offensive-security.com