SAINT CorporationSAINT:5C814AC06A95F264BF10651593EB4AD0Novell eDirectory NCP KeyedObjectLogin Function Vulnerability
0.938 High
EPSS
Percentile
99.1%
Added: 02/07/2013
CVE: CVE-2012-0432
BID: 57038
OSVDB: 88718
Background
Novell eDirectory is a directory server which implements the NetWare Core Protocol (NCP) to synchronize data changes between the servers in a directory service tree. NCP is used to access file, print, directory, clock synchronization, messaging, remote command execution and other network service functions. TCP/IP implementations use TCP port 524.
Problem
Novell eDirectory versions prior to 8.8.7.2 and 8.8.6.7 are vulnerable to stack based buffer overflow in the NCP implementation as a result of improper validation of user-supplied input to the **KeyedObjectLogin** function. The vulnerable process runs as root by default, so a successful remote unauthenticated attacker could execute arbitrary code on the compromised system as the root user.
Resolution
Update to Novell eDirectory version 8.8.7.2 or 8.8.6.7.
References
<http://www.novell.com/support/kb/doc.php?id=3426981>
<http://secunia.com/advisories/51667/>
Limitations
This exploit was tested against Novell eDirectory 8.8.7 on CentOS 6 with Exec-Shield Enabled.
Platforms
Linux
Related
