Signature Detail
Short Name |
APP:NOVELL:HTTP-NOVELL-REDIRECT |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
APP |
Keywords |
Novell eDirectory HTTP Server Redirection Buffer Overflow |
Release Date |
2006/10/31 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
APP: Novell eDirectory HTTP Server Redirection Buffer Overflow
This signature detects attempts to exploit a known vulnerability in the Novell eDirectory HTTP Server. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server.
Extended Description
The Novell eDirectory server iMonitor is prone to a stack-based buffer-overflow vulnerability because it fails to perform sufficient bounds checking on client-supplied data before copying it to a buffer. An attacker could leverage this issue to execute arbitrary code with administrative privileges. A successful exploit could result in the complete compromise of the affected system.
Affected Products
- Novell eDirectory 8.0.0
- Novell eDirectory 8.5.0
- Novell eDirectory 8.5.12 a
- Novell eDirectory 8.5.27
- Novell eDirectory 8.6.2
- Novell eDirectory 8.7.0
- Novell eDirectory 8.7.1
- Novell eDirectory 8.7.1 SU1
- Novell eDirectory 8.7.3
- Novell eDirectory 8.7.3.8
- Novell eDirectory 8.7.3.8 pre-SP9
- Novell eDirectory 8.8
- Novell eDirectory 8.8.1
References
- BugTraq: 20655
- CVE: CVE-2006-5478
- URL: http://www.mnin.org/advisories/2006_novell_httpstk.pdf