Novell eDirectory LDAP Service Search Parameters Heap Overflow Vulnerability

Bugtraq ID:	30175
Class:	Boundary Condition Error
CVE:	CVE-2008-1809
Remote:	Yes
Local:	No
Published:	Jul 10 2008 12:00AM
Updated:	Jul 11 2008 07:09PM
Credit:	An anonymous researcher and iDefense.
Vulnerable:	Novell eDirectory 8.8.2 Novell eDirectory 8.8.1 Novell eDirectory 8.7.3 sp10 Novell eDirectory 8.7.3 .8 pre-SP9 Novell eDirectory 8.7.3 .8 Novell eDirectory 8.7.3 Novell eDirectory 8.8 Novell eDirectory 8.7.3.9 Novell eDirectory 8.7.3.10
Not Vulnerable:	Novell eDirectory 8.8.2 ftf2 Novell eDirectory 8.7.3 SP10b

Novell eDirectory LDAP Service Search Parameters Heap Overflow Vulnerability

Novell eDirectory is prone to a vulnerability because if fails to adequately bounds-check user-supplied data, resulting in an integer-overflow condition.

An attacker can exploit this vulnerability to execute arbitrary code in the context of the eDirectory process. Failed exploit attempts will likely cause denial-of-service conditions.

This issue affects Novell eDirectory 8.7.3 and 8.8 for all platforms.

Novell eDirectory LDAP Service Search Parameters Heap Overflow Vulnerability

Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Novell eDirectory LDAP Service Search Parameters Heap Overflow Vulnerability

Solution:
The vendor has released a fix. Please see the references for more information.

Novell eDirectory LDAP Service Search Parameters Heap Overflow Vulnerability

References:

• Novell Downloads (Novell)
  
• iDefense Security Advisory 07.09.08: Novell eDirectory LDAP Search Request Heap (iDefense Labs )
  
• Novell eDirectory LDAP Search Request Heap Corruption Vulnerability (iDefense)
  
• Security Vulnerability - LDAP Buffer Overflow (Novell)