| New User, Welcome! Login |
Novell eDirectory 8.8 SP5 for Windows - Buffer Overflow Vulnerability
| From: |
karakorsankara hotmail com |
| To: |
bugtraq securityfocus com |
| Cc: |
|
| Subject: |
Novell eDirectory 8.8 SP5 for Windows - Buffer Overflow Vulnerability |
| Date: |
Fri - Oct 23, 2009 06:12 PM |
Product:
Novell eDirectory 8.8 SP5 for Windows
Vulnerability Type:
Buffer Overflow
Attack Vector:
Network Request
Where:
From Remote or Local Network
Solution:
Unpatched
Description:
Vulnerability is in dhost module.
A malformed http get request (to /dhost/modules?L:) cause a buffer overflow,
Successful exploitation of the vulnerability may allow execution of arbitrary code.
Debugger Results of Vulnerability and PoC Exploit:
http://tcc.hellcode.net/sploitz/novelbof.txt
Original Advisory:
http://tcc.hellcode.net/advisories/hellcode-adv004.txt
Credit to:
Hellcode Research
karak0rsan , murderkey
|
|
|
Copyright © 1995-2012 LinuxRocket.net. All rights reserved.
Nearly all of LinuxRocket's features are free. Be kind and donate to the cause!
