New vulnerabilities in Novell's eDirectory
Novell's directory service eDirectory and its web front end iManager can under certain circumstances be knocked out remotely by targeted attacks, security vendor iDefense reports. According to iDefense, the BerDecodeLoginDataRequest function in eDirectory's NMAS component performs an illegal memory access when it is handed manipulated log-in requests, crashing the server process. iManager's Tomcat server stumbles over TREE parameters longer than 256 bytes in HTTP POST requests; the service then stays inoperable until it is restarted.
Neither vulnerability can be used to execute injected code, iDefense reports. Novell has confirmed the holes in eDirectory 8.8 and 8.8.1 on Linux and Solaris and in iManager 2.5 on all platforms; older versions may also be affected. Apparently no workarounds exist as yet, but the vendor is offering Security Services Patch 2.0.3 for eDirectory and a corrected iManager 2.6. eDirectory admins should apply the patches as soon as possible.
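The one condition the report states precisely is the iManager trigger: a TREE parameter longer than 256 bytes in a POST body. Until the patch is rolled out, that is a condition a reverse proxy or log-triage script in front of iManager can test for. The following is an added illustration written for this page, not code from Novell or iDefense; the 256-byte limit comes from the article, while the form-encoded request bodies are constructed samples and the function names are ours. It measures the parameter after percent-decoding, since that is the length the server-side handler sees, not the length on the wire.

```python
from urllib.parse import parse_qsl

# Threshold taken from the iDefense report as summarised above: iManager's
# Tomcat server fails on TREE parameters longer than 256 bytes in a POST body.
TREE_MAX_BYTES = 256


def oversized_tree_params(body: str, limit: int = TREE_MAX_BYTES) -> list:
    """Return the decoded byte length of every TREE parameter in a
    form-encoded POST body that exceeds `limit` bytes.

    The length is taken after percent-decoding and UTF-8 encoding.  A raw
    '%41%41...' value is three times longer on the wire than in memory, and
    a non-ASCII tree name is longer in bytes than in characters; the server
    sees the decoded bytes, so that is what we compare against the limit.
    """
    over = []
    for name, value in parse_qsl(body, keep_blank_values=True):
        if name == "TREE":
            decoded_len = len(value.encode("utf-8"))
            if decoded_len > limit:
                over.append(decoded_len)
    return over


def triage(requests: dict) -> dict:
    """Map each labelled request body to 'block' or 'allow'.

    Intended as a pre-filter in front of an unpatched iManager; it is not a
    substitute for installing the corrected iManager 2.6.
    """
    return {
        label: "block" if oversized_tree_params(body) else "allow"
        for label, body in requests.items()
    }


# Constructed sample POST bodies (not from the advisory):
SAMPLES = {
    # a normal log-in form with a short tree name
    "benign": "TREE=CORP_TREE&username=admin&password=x",
    # exactly at the limit: still allowed
    "at_limit": "TREE=" + "A" * 256 + "&username=admin",
    # 300 raw bytes: over the limit
    "oversized": "TREE=" + "A" * 300 + "&username=admin",
    # 300 bytes hidden behind percent-encoding (%41 decodes to 'A')
    "encoded": "TREE=" + "%41" * 300 + "&username=admin",
    # 200 characters that encode to 400 bytes in UTF-8
    "multibyte": "TREE=" + "\u00e9" * 200 + "&username=admin",
}

if __name__ == "__main__":
    for label, verdict in triage(SAMPLES).items():
        print(f"{label:10s} {verdict}")
```

Checking the decoded length matters for the "encoded" sample: a filter that only looked at the raw body would count 900 bytes for it, while one that measured characters rather than bytes would wave the "multibyte" sample through at 200.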
Please see also:
- Novell eDirectory NMAS BerDecodeLoginDataRequest DoS Vulnerability, Advisory from iDefense
- Novell iManager Tomcat DoS Vulnerability, Advisory from iDefense