Intrusion Prevention

Novell.eDirectory.evtFilteredMonitorEventsRequest.Heap.Overflow

Description

This indicates an attempt to exploit a buffer-overflow vulnerability in Novell eDirectory server.
The vulnerability is caused by an error that occurs when the vulnerable software handles client LDAP messages. It allows a remote attacker to execute arbitrary code via a crafted request.

Affected Products

Novell eDirectory version 8.8.1 and prior

Impact

Arbitrary code execution

Recommended Actions

Apply the appropriate patch.
eDirectory Post 8.8.1 FTF1 for NW & Win32:
http://support.novell.com/servlet/filedownload/sec/pub/edir881ftf_1.exe/
eDirectory Post 8.8.1 FTF1 for Linux\Unix:
http://support.novell.com/servlet/filedownload/sec/pub/edir881ftf_1.tgz/
eDirectory 8.7.3 sp9 for AIX/Solaris/Linux:
http://support.novell.com/servlet/filedownload/uns/ftf/edir8739.tgz
eDirectory 8.7.3 sp9 for NetWare/Windows:
http://support.novell.com/servlet/filedownload/uns/ftf/edir8739.exe

CVE References

CVE-2006-4509