Novell.eDirectory.HttpStk.dlm.Stack.Overflow
Description
This indicates an attempt to exploit a buffer overflow vulnerability in Novell eDirectory.
The vulnerability is caused by an error that occurs when the vulnerable software handles the client-supplied HTTP Host request header. It allows a remote attacker to execute arbitrary code via a crafted request.
Attacker-supplied code can be executed on vulnerable systems with a privilege level equal to that of the process that loads the httpstk library (the Novell Directory Services process). By default, this is NT_AUTHORITY\SYSTEM on Windows and root on Linux and Solaris.
Affected Products
Novell eDirectory >=8.7.3.8 on Windows and Linux.
Impact
System compromise
Recommended Actions
FTF packages and additional information will be available on Novell's website by searching for one or more of the following TIDs: 2974592, 2974600, 2974603.
Coverage
IPS (Regular DB)
IPS (Extended DB)