Signature Detail
Short Name |
APP:NOVELL-EDIR-LEN-DOS |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
APP |
Keywords |
Novell eDirectory Unchecked Length Denial of Service |
Release Date |
2013/01/02 |
Update Number |
2219 |
Supported Platforms |
idp-4.0+, isg-3.4+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
APP: Novell eDirectory Unchecked Length Denial of Service
A denial of service vulnerability exists for Novell eDirectory. A remote unauthenticated attacker can exploit this vulnerability by sending a specially crafted packet to the vulnerable server. This can cause the service to consume an excessive amount of memory, creating a denial of service condition in the process.
Extended Description
Novell eDirectory is prone to a denial-of-service vulnerability. Remote attackers can exploit this issue to crash the application, denying service to legitimate users.
Affected Products
- Novell eDirectory 8.8
- Novell eDirectory 8.8.1
- Novell eDirectory 8.8.2
- Novell eDirectory 8.8.2 Ftf2
- Novell eDirectory 8.8.5
- Novell eDirectory 8.8.5.2
- Novell eDirectory 8.8.5.3
- Novell eDirectory 8.8.5 Ftf1
- Novell eDirectory 8.8.5 FTF3
- Novell eDirectory 8.8 SP1
- Novell eDirectory 8.8 SP2
- Novell eDirectory 8.8 SP3
- Novell eDirectory 8.8 SP3 FTF3
- Novell eDirectory 8.8 SP4
- Novell eDirectory 8.8 SP4 FTF1
- Novell eDirectory 8.8 SP5
- Novell eDirectory 8.8 SP5 FTF1
- Novell eDirectory 8.8 SP5 Patch 4
References
- BugTraq: 46263
- CVE: CVE-2010-4327