HTTP: Novell eDirectory Management Console Accept-Language Buffer Overflow
This signature detects attempts to exploit a known buffer overflow vulnerability in Novell eDirectory. It is due to a boundary error when processing HTTP requests. By supplying an overly large number of values for the Accept-Language header, a remote unauthenticated attacker can leverage this vulnerability to inject and execute arbitrary code on the target host with System or root level privileges. An attack targeting this vulnerability can result in the injection and execution of arbitrary code. If code execution is successful, the behaviour of the target will depend on the intention of the attacker. Any injected code will be executed with System or root privileges. In the case of an unsuccessful code execution attack, eDirectory might terminate abnormally.
Short Name
HTTP:NOVELL:EDIR-ACCEPT-LANG-OF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Accept-Language Buffer Console Management Novell Overflow eDirectory
Release Date
07/21/2011
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3324
False Positive
Unknown