Novell eDirectory Host Environment Service (dhost.exe) HTTP Connection Header DoS
High Nessus Plugin ID 31863
SynopsisThe remote directory service is affected by a denial of service issue.
DescriptionThe remote host is running eDirectory, a directory service software from Novell.
The installed version of eDirectory is affected by a denial of service issue. By sending an HTTP request with a specially crafted 'Connection' header to the server, an unauthenticated attacker may be able to trigger a denial of service condition causing dhost.exe to consume 100% of the CPU and crash the system.
SolutionUpgrade to eDirectory 8.8.2/8.7.3 SP10 or later.