Environment
Novell eDirectory 8.8 for All Platforms
Novell eDirectory 8.7.3 for All Platforms
Novell eDirectory 8.7.3 for All Platforms
Situation
A stack overflow can occurring in iMonitor when processing an HTTP request with specially a crafted "Accept-Language" header.
The stack overflow can cause the eDirectory service to crash resulting in a Denial of Service.
The stack overflow can cause the eDirectory service to crash resulting in a Denial of Service.
Resolution
The problem has been corrected in eDirectory 8.8.5 and eDirectory 8.7.3.10 ftf2.
To resolve this issue, apply eDirectory 8.8.5 or newer for eDirectory 8.8.X and eDirectory 8.7.3.10 ftf2 or newer for eDirectory 8.7.3.X available at https://dl.netiq.com
To resolve this issue, apply eDirectory 8.8.5 or newer for eDirectory 8.8.X and eDirectory 8.7.3.10 ftf2 or newer for eDirectory 8.7.3.X available at https://dl.netiq.com
Status
Reported to EngineeringSecurity Alert
Additional Information
This vulnerability was reported by Alin Rad Pop, Secunia Research.
SA34160 http://secunia.com/advisories/34160
CVE-2009-0192
SA34160 http://secunia.com/advisories/34160
CVE-2009-0192