In association with heise online

07 July 2008, 14:16

Security update for Novell eDirectory

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Novell has released a security update which fixes multiple vulnerabilities in its eDirectory identity management platform. According to Novell's security advisory, in addition to multiple DoS vulnerabilities, these include a buffer overflow which could be exploited remotely to gain control over a server.

The buffer overflow is provoked by an integer overflow in the ds.dlm module. Sending a crafted packet to TCP port 524 is sufficient to provoke the overflow. Novell eDirectory and 8.8 are affected. The bugs are fixed in versions 8.8.2 ftf2 and 8.7.3 SP10b.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit