CVE-2008-4478

Severity

99%

Complexity

99%

Confidentiality

165%

Multiple integer overflows in dhost.exe in Novell eDirectory 8.8 before 8.8.3, and 8.73 before 8.7.3.10 ftf1, allow remote attackers to execute arbitrary code via a crafted (1) Content-Length header in a SOAP request or (2) Netware Core Protocol opcode 0x0F message, which triggers a heap-based buffer overflow.

Multiple integer overflows in dhost.exe in Novell eDirectory 8.8 before 8.8.3, and 8.73 before 8.7.3.10 ftf1, allow remote attackers to execute arbitrary code via a crafted (1) Content-Length header in a SOAP request or (2) Netware Core Protocol opcode 0x0F message, which triggers a heap-based buffer overflow.

CVSS 2.0 Base Score 9.9. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C).

Overview

First reported 16 years ago

2008-10-14 22:36:00

Last updated 6 years ago

2018-10-11 20:51:00

Affected Software

Novell eDirectory 8.7

8.7

Novell eDirectory 8.7.1

8.7.1

Novell eDirectory 8.7.1 SU1

8.7.1

Novell eDirectory 8.7.3

8.7.3

Novell eDirectory 8.7.3.8

8.7.3.8

Novell eDirectory

Novell eDirectory 8.8

8.8

Novell eDirectory 8.8.1

8.8.1

References

32111

4406

http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037180.html

Patch

http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037181.html

Patch

http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=7000087&sliceId=1&docTypeID=DT_TID_1_1&dialogID=78066829&stateId=0%200%2078062953

Vendor Advisory

http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=7001184&sliceId=1&docTypeID=DT_TID_1_1&dialogID=78066829&stateId=0%200%2078062953

Vendor Advisory

20081008 ZDI-08-063: Novell eDirectory dhost.exe Content-Length Header Heap Overflow Vulnerability

20081008 ZDI-08-065: Novell eDirectory Core Protocol Opcode 0x0F Heap Overflow Vulnerability

1020989

1020990

ADV-2008-2738

http://www.zerodayinitiative.com/advisories/ZDI-08-063

http://www.zerodayinitiative.com/advisories/ZDI-08-065

novell-edirectory-httpcontentlength-dos(45628)

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.