This script is Copyright (C) 2008-2012 Tenable Network Security, Inc.
The remote directory service is affected by multiple vulnerabilities.
The remote host is running eDirectory, a directory service software
from Novell. The installed version of Novell eDirectory is affected
by multiple issues :
- NDS module is affected by a heap overflow vulnerability
(Bugs 396819 and 396817).
- Windows installs of eDirectory NDS module are affected
by a remote memory corruption vulnerability (Bug 373852).
- LDAP module is affected by a buffer overflow
vulnerability (Bug 373853).
- Windows installs of eDirectory LDAP module are affected
by a memory corruption DoS (Bug 359982).
- HTTPSTK is affected by two heap overflow vulnerabilities
affecting 'Language' and 'Content Length' headers in
HTTPSTK (Bugs 379882 and 379880).
- HTTPSTK is also affected by a cross-site scripting
vulnerability (Bug 387429).
See also :
Upgrade to eDirectory 8.8 SP3 or later.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 8.3
Public Exploit Available : true
Nessus Plugin ID: 34221 (edirectory_88sp3_multiple_vulns.nasl)
Bugtraq ID: 30947
CVE ID: CVE-2008-5091CVE-2008-5092CVE-2008-5093CVE-2008-5094CVE-2008-5095
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.