Intrusion Prevention



This indicates an attempt to exploit a buffer overflow vulnerability in Novell eDirectory.
The vulnerability is caused by an error that occurs when the vulnerable software handles client-supplied HTTP Host request-header. It allows a remote attacker to execute arbitrary code via a crafted request.
Attacker-supplied code can be executed on vulnerable systems with a privilege level equal to the process that loads the httpstk library (the Novell Directory Services process). By default, this is NT_AUTHORITY\SYSTEM on Windows and root on Linux and Solaris.

Affected Products

Novell eDirectory >= on windows and linux.


System compromise

Recommended Actions

FTF packages and additional information will be available on Novell's website by searching for one or more of the following TIDs: 2974592, 2974600, 2974603.

CVE References