This script is Copyright (C) 2012-2013 Tenable Network Security, Inc.
The remote directory service is affected by multiple vulnerabilities.
The remote host is running eDirectory, a directory service software
from Novell. The installed version of Novell eDirectory is affected by
multiple issues :
- An unspecified cross-site scripting flaw exists.
- It is possible to trigger a remote denial of service
vulnerability by sending a malformed HTTP request.
- An unspecified flaw may allow a remote attacker to gain
access to administrator cookie information.
- There is an unspecified stack-based buffer overflow in
the Novell NCP implementation in eDirectory that has
unspecified impact. (CVE-2012-0432)
See also :
Upgrade to eDirectory 8.8 SP6 Patch 7 / 8.8 SP7 Patch 2 or later.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 8.3
Public Exploit Available : true