Intrusion Prevention

Novell.eDirectory.evtFilteredMonitorEventsRequest.Invalid.Free

Description

This indicates a possible attempt to exploit an invalid freeing of unallocated memory vulnerability in Novell eDirectory. The vulnerability is caused by an invalid free in the "evtFilteredMonitorEventsRequest()" function when processing malformed requests.

Affected Products

Novell eDirectory 8.8.1
Novell eDirectory 8.8

Impact

System compromise.

Recommended Actions

Novell eDirectory Post 8.8.1 FTF1 for NW & Win32 :
http://support.novell.com/servlet/filedownload/sec/pub/edir881ftf_1.exe/
Novell eDirectory Post 8.8.1 FTF1 for Linux\Unix :
http://support.novell.com/servlet/filedownload/sec/pub/edir881ftf_1.tgz/

CVE References

CVE-2006-4510