Novell eDirectory NCP Packet Processing Remote Heap Overflow Vulnerability

Novell eDirectory NCP Packet Processing Remote Heap Overflow Vulnerability

The Novell eDirectory server is prone to a heap-overflow vulnerability because it fails to perform sufficient bounds checking on client-supplied data before copying it to a buffer.

An attacker could leverage this issue to have arbitrary code execute with administrative privileges. A successful exploit could result in the complete compromise of the affected system.

eDirectory versions 8.8.1 and 8.8 were reported vulnerable; other versions may be vulnerable as well.