Novell eDirectory iMonitor 'Accept-Language' Request Buffer Overflow Vulnerability

Novell eDirectory iMonitor is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data.

Attackers could exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely cause denial-of-service conditions.

The following are vulnerable:

Novell eDirectory 8.7.3 (prior to 8.7.3.10b Hotfix 1)
Novell eDirectory 8.8 SP3 (prior to 8.8 SP3 FTF3)
Novell eDirectory 8.8 SP4 (prior to 8.8 SP4 FTF1)


 

Privacy Statement
Copyright 2010, SecurityFocus