Detections
Analytics

eDirectory < 8.8 SP3 FTF3 iMonitor Crafted HTTP Request Overflow

high Nessus Network Monitor Plugin ID 4944

Synopsis

The remote host is vulnerable to a buffer overflow.

Description

The remote host is running eDirectory, a directory service software from Novell. The iMonitor component included with the installed version is affected by a buffer overflow vulnerability. By sending a specially crafted HTTP request to the iMonitor component with a malformed 'Accept-Language' header, it may be possible for a remote attacker to execute arbitrary code on the remote system.

NOTE: The iMonitor service is an optional package. NNM has determined this vulnerability by looking at the vendor version number within LDAP queries. Given this, if the iMonitor service is not running, then the system is not vulnerable.

Solution

Upgrade to version 8.8 SP3 with FTF3 or higher.

See Also

http://www.nessus.org/u?714d89e9 (8.8 SP3 FTF3 for Linux & Unix)

Plugin Details

Severity: High

ID: 4944

Family: Generic

Published: 3/4/2009

Updated: 3/6/2019

Nessus ID: 35760

Risk Information

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: High

Base Score: 7.3

Temporal Score: 6.6

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Reference Information

BID: 33928