Novell eDirectory iMonitor contains a buffer overflow that can be remotely exploited to allow execution of arbitrary code or crash an affected system.
Novell eDirectory iMonitor is a service for monitoring servers in an eDirectory installation. A buffer overflow exists in Novell eDirectory version 8.7.3 iMonitor for Microsoft Windows 2000, 2003, and NT. A stack-based buffer within iMonitor can be overwritten via a specially crafted HTTP request. To exploit this vulnerability, an attacker must have access to iMonitor, which is installed on systems that are part of a Novell eDirectory tree.
Note that exploits for this vulnerability have been made available on public web sites.
A remote attacker with access to a system in a Novell eDirectory tree may be able to crash an affected system or execute arbitrary code with the privileges of the iMonitor service, typically SYSTEM on Microsoft Windows.
Apply a patch
This vulnerability was reported by Peter Winter-Smith of NGSSoftware Insight Security Research.
This document was written by Jeff Gennari.
Date First Published: 2005-08-15
Date Last Updated: 2005-08-22 14:02 UTC