Signature Detail

Short Name	APP:NOVELL:EDIR-HEADER-DOS
Severity	Medium
Recommended	No
Recommended Action	Drop
Category	APP
Keywords	Novell eDirectory HTTP Headers Denial of Service
Release Date	2010/09/29
Update Number	1782
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

APP: Novell eDirectory HTTP Headers Denial of Service

This signature detects attempts to exploit a known vulnerability against Novell eDirectory. A successful attack can result in a denial-of-service condition.

Extended Description

Novell eDirectory is prone to a denial-of-service vulnerability when handling requests with specially crafted HTTP 'Connection' headers. Remote attackers can exploit this issue to deny service to legitimate users. The issue affects versions prior to eDirectory 8.8.2 and prior to eDirectory 8.7.3 sp10 for Windows 2000/2003 systems.

Affected Products

Novell eDirectory 8.7.3
Novell eDirectory 8.7.3.8
Novell eDirectory 8.7.3.8 pre-SP9
Novell eDirectory 8.7.3.9
Novell eDirectory 8.8
Novell eDirectory 8.8.1

References

BugTraq: 28757
CVE: CVE-2008-0927

Signature Detail

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

APP: Novell eDirectory HTTP Headers Denial of Service

Extended Description

Affected Products

References