Novell eDirectory iMonitor 'Accept-Language' Request Buffer Overflow Vulnerability

Novell eDirectory iMonitor is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data.

Attackers could exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely cause denial-of-service conditions.

The following are vulnerable:

Novell eDirectory 8.7.3 (prior to Hotfix 1)
Novell eDirectory 8.8 SP3 (prior to 8.8 SP3 FTF3)
Novell eDirectory 8.8 SP4 (prior to 8.8 SP4 FTF1)


Privacy Statement
Copyright 2010, SecurityFocus