Bugtraq mailing list archives
Novell eDirectory 8.8 SP5 for Windows - Buffer Overflow Vulnerability
From: karakorsankara () hotmail com
Date: Fri, 23 Oct 2009 19:12:12 -0600
Product: Novell eDirectory 8.8 SP5 for Windows Vulnerability Type: Buffer Overflow Attack Vector: Network Request Where:
From Remote or Local Network
Solution: Unpatched Description: Vulnerability is in dhost module. A malformed http get request (to /dhost/modules?L:) cause a buffer overflow, Successful exploitation of the vulnerability may allow execution of arbitrary code. Debugger Results of Vulnerability and PoC Exploit: http://tcc.hellcode.net/sploitz/novelbof.txt Original Advisory: http://tcc.hellcode.net/advisories/hellcode-adv004.txt Credit to: Hellcode Research karak0rsan , murderkey
Current thread:
- Novell eDirectory 8.8 SP5 for Windows - Buffer Overflow Vulnerability karakorsankara (Oct 26)