Juniper Networks

Signature Detail


Short Name

APP:NOVELL:NDS-IO

Severity

High

Recommended

No

Recommended Action

Drop

Category

APP

Keywords

Novell eDirectory NDS Verb 0x01 Integer Overflow

Release Date

2010/10/13

Update Number

1791

Supported Platforms

idp-4.0+, isg-3.4+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

APP: Novell eDirectory NDS Verb 0x01 Integer Overflow


An integer overflow has been reported in Novell eDirectory. The flaw occurs when the server processes a maliciously crafted service request (NDS Verb 0x1) containing an overly large integer value that is then used in a memory allocation. A remote unauthenticated attacker can exploit this vulnerability by sending a malicious request to a target host. Successful exploitation could result in execution of arbitrary code within the security context of the currently logged on user. An unsuccessful exploit attempt may terminate the affected application abnormally, causing a denial of service condition.

Extended Description

Novell eDirectory is prone to a heap-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Attackers may exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely cause denial-of-service conditions. The issue affects the following:

  • eDirectory 8.7.3.10 ftf1 and prior
  • eDirectory 8.8.5 ftf1 and prior

Affected Products

  • Novell eDirectory 8.7.3
  • Novell eDirectory 8.7.3.10
  • Novell eDirectory 8.7.3.10B Hotfix 1
  • Novell eDirectory 8.7.3.8
  • Novell eDirectory 8.7.3.8 pre-SP9
  • Novell eDirectory 8.7.3.9
  • Novell eDirectory 8.7.3 sp10
  • Novell eDirectory 8.7.3 SP10b
  • Novell eDirectory 8.7.3 SP10 FTF1
  • Novell eDirectory 8.8
  • Novell eDirectory 8.8.1
  • Novell eDirectory 8.8.2
  • Novell eDirectory 8.8.2 Ftf2
  • Novell eDirectory 8.8.5 Ftf1
  • Novell eDirectory 8.8 SP1
  • Novell eDirectory 8.8 SP2
  • Novell eDirectory 8.8 SP3
  • Novell eDirectory 8.8 SP3 FTF3
  • Novell eDirectory 8.8 SP4
  • Novell eDirectory 8.8 SP4 FTF1
  • Novell eDirectory 8.8 SP5
  • Novell eDirectory 8.8 SP5 FTF1

References

  • BugTraq: 37184
  • CVE: CVE-2009-0895
