Release DateJan 07, 2010 |
Severitycritical |
ImpactSystem Compromise: Remoate attackers can gain control of vulnerable systems. |
DescriptionThis indicates a possible attempt to exploit a memory-corruption vulnerability in Novell eDirectory.The vulnerability is caused by an error in the "evtFilteredMonitorEventsRequest()" function when processing malformed client LDAP requests. A remote attacker may exploit this to execute arbitrary code. |
Affected ProductsNovell eDirectory 8.8.1Novell eDirectory 8.8 |
Recommended ActionsApply the appropriate patch:Novell eDirectory Post 8.8.1 FTF1 for NW & Win32: http://support.novell.com/servlet/filedownload/sec/pub/edir881ftf_1.exe/ Novell eDirectory Post 8.8.1 FTF1 for Linux\Unix: http://support.novell.com/servlet/filedownload/sec/pub/edir881ftf_1.tgz/ |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2006-4510 |
Reference/shttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=428http://www.securityfocus.com/bid/20663 (BugTraq) |
