Novell eDirectory Multiple Security Vulnerabilities

Novell eDirectory is prone to following multiple remote vulnerabilities:

1. A cross-site scripting vulnerability
2. A denial-of-service vulnerability
3. An information-disclosure vulnerability
4. A stack-based buffer-overflow vulnerability

Exploiting these issues could allow an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, disclose sensitive information, execute arbitrary code, or cause a denial-of-service condition. Other attacks are possible.

Novell eDirectory versions prior to 8.8.7.2 and 8.8.6.7 are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus