APP: Novell eDirectory HTTP Headers Denial of Service

This signature detects attempts to exploit a known vulnerability against Novell eDirectory. A successful attack can result in a denial-of-service condition.

Extended Description

Novell eDirectory is prone to a denial-of-service vulnerability when handling requests with specially crafted HTTP 'Connection' headers. Remote attackers can exploit this issue to deny service to legitimate users. The issue affects versions prior to eDirectory 8.8.2 and prior to eDirectory 8.7.3 sp10 for Windows 2000/2003 systems.

Affected Products

Novell edirectory

References

BugTraq: 28757

CVE: CVE-2008-0927

Short Name
APP:NOVELL:EDIR-HEADER-DOS
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
CVE-2008-0927 Denial HTTP Headers Novell Service bid:28757 eDirectory of
Release Date
09/29/2010
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3336
Port
TCP/8008,8028
False Positive
Unknown
Vendors

Novell

CVSS Score

5.0

Found a potential security threat?