Novell eDirectory eMBox Utility Unauthorized Access (uncredentialed check)
High Nessus Plugin ID 31851
SynopsisThe remote host has an application installed that allows unauthorized access to the system.
DescriptionThe remote host is running eDirectory, a popular directory service software from Novell.
A vulnerability in the eMBox utility included with the software allows an unauthenticated attacker to access local files or cause a denial of service condition.
Nessus was able to query the list of available eDirectory services on the remote host without using any credentials, see plugin output for more details.
SolutionUpgrade to eDirectory 8.8.2 or rename 'embox.nlm' and configure it to start manually.