Intrusion Prevention

Novell.iManager.eDirectory.Plugin.Remote.Code.Execution

Description

This indicates an attack attempt against a buffer overflow vulnerability in Novell iManager eDirectory plugin.
The vulnerability is caused by an error when the vulnerable software handles specially crafted parameters. It allows a remote attacker to execute arbitrary code.

Affected Products

Novell iManager 2.7.2
Novell iManager 2.7.1
Novell iManager 2.5
Novell iManager 2.0.2
Novell iManager 2.0
Novell iManager 1.5
Novell iManager 2.7.0
Novell iManager 2.6.0

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Install SP3 or newer for iManager 2.7 and the eDirectory 2.7.3 or install newer plug-in, available from the web site.
http://download.novell.com

CVE References

CVE-2009-4486