eDirectory < 18.104.22.168/22.214.171.124 ftf2 'NDS Verb 0x1' Buffer Overflow
High Nessus Network Monitor Plugin ID 5251
SynopsisThe remote host is vulnerable to a remote command execution attack.
DescriptionThe remote host is running eDirectory, a directory service from Novell. The installed version is earlier than 8.8 SP5 ftf2, or 126.96.36.199 ftf2. Such versions are potentially affected by a remote buffer overflow vulnerability when handling specially crafted 'NDS Verb 0x1' requests. An attacker, exploiting this flaw, could execute arbitrary commands on the host subject to the privileges of the affected software.
SolutionUpgrade to eDirectory 8.8 SP5 ftf2 / 188.8.131.52 ftf2 or later.