Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

eDirectory < 8.8 SP3 Multiple Vulnerabilities

Medium

Synopsis

The remote directory service is affected by multiple vulnerabilities.

Description

The remote host is running eDirectory, a directory service software from Novell. The installed version of Novell eDirectory is affected by multiple issues :

- NDS module is affected by a heap overflow vulnerability (Bugs 396819 and 396817). - Windows installs of eDirectory are affected by a remote memory corruption vulnerability (Bug 373852). - LDAP module is affected by a buffer overflow vulnerability (Bug 373853). - HTTPSTK is affected by two heap overflow vulnerabilities affecting 'Language' and 'Content Length' headers in HTTPSTK (Bugs 379882 and 379880). - HTTPSTK is also affected by a cross-site scripting vulnerability (Bug 387429).

Solution

Upgrade to version 8.8 SP3 or higher.