Novell eDirectory iMonitor HTTPSTK Buffer Overflow Vulnerability

Novell eDirectory iMonitor HTTPSTK Buffer Overflow Vulnerability

UPDATE: Core Security Technologies has developed a working commercial exploit for its CORE IMPACT product. This exploit is not otherwise publicly available or known to be circulating in the wild.

A proof of concept is available. Please see the references for more information.

A Metasploit Framework exploit module and other exploits are available.

/data/vulnerabilities/exploits/20655.rb
/data/vulnerabilities/exploits/20655.pl
/data/vulnerabilities/exploits/XHNB-Novell-eDirectory_remote_bof.c