icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

eDirectory < 8.8 SP3 Multiple Vulnerabilities

Medium

Synopsis

The remote directory service is affected by multiple vulnerabilities.

Description

The remote host is running eDirectory, a directory service software from Novell. The installed version of Novell eDirectory is affected by multiple issues :

- NDS module is affected by a heap overflow vulnerability (Bugs 396819 and 396817). - Windows installs of eDirectory are affected by a remote memory corruption vulnerability (Bug 373852). - LDAP module is affected by a buffer overflow vulnerability (Bug 373853). - HTTPSTK is affected by two heap overflow vulnerabilities affecting 'Language' and 'Content Length' headers in HTTPSTK (Bugs 379882 and 379880). - HTTPSTK is also affected by a cross-site scripting vulnerability (Bug 387429).

Solution

Upgrade to version 8.8 SP3 or higher.