HTTP: Novell eDirectory SOAP Handling Accept Language Header Heap Overflow
This signature detects attempts to exploit a known buffer overflow vulnerability in Novell eDirectory. It is due to boundary error when processing SOAP-HTTP requests. By supplying overly large data to the Accept-Language header, a remote unauthenticated attacker can leverage this vulnerability to inject and execute arbitrary code on the target host with System or root level privileges. An attack targeting this can result in the injection and execution of arbitrary code. If code execution is successful, the behavior of the target depends on the intention of the attacker. Any injected code is executed within the system or root privileges. In an unsuccessful code execution attack, eDirectory Web console might terminate abnormally.
Extended Description
Novell eDirectory is prone to multiple buffer-overflow vulnerabilities. Successful exploits may allow attackers to execute arbitrary code within the context of the affected application or to cause denial-of-service conditions. These issues affect eDirectory 8.7.3 SP10 prior to 8.7.3 SP10 FTF1.
Affected Products
Novell edirectory
Short Name
HTTP:NOVELL:EDIRECTORY-SOAP
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Accept CVE-2008-4479 Handling Header Heap Language Novell Overflow SOAP bid:31553 eDirectory
Release Date
10/14/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Novell
CVSS Score
10.0