Lucene search
RootSSV:11838HistoryJul 20, 2009 - 12:00 a.m.
Novell eDirectory多个拒绝服务漏洞
2009-07-2000:00:00
Root
www.seebug.org
10
0.332 Low
EPSS
Percentile
97.1%
BUGTRAQ ID: 35666
CVE(CAN) ID: CVE-2009-0192
Novell eDirectory是一个的跨平台的目录服务器。
eDirectory的iMonitor组件在处理HTTP请求时存在栈溢出漏洞。如果攻击者发送了带有畸形Accept-Language头的HTTP请求,就可以触发这个溢出,导致服务器崩溃。
此外RDN中的多个通配符和LDAP报文也可能导致拒绝服务的情况。
Novell eDirectory 8.8 SP3 FTF3
Novell eDirectory 8.8 SP3
厂商补丁:
Novell
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
http://www.novell.com/support/viewContent.do?externalId=3426981
Related
nvd
nvd
CVE-2009-0192
2009-07-14 20:30:00
cvelist
cvelist
CVE-2009-0192
2009-07-14 20:16:00
securityvulns
securityvulns
Secunia Research: Novell eDirectory iMonitor "Accept-Language" Buffer Overflow
2009-07-14 00:00:00
Novell eDirectory iMonitor buffer overflow
2009-07-14 00:00:00
cve
cve
CVE-2009-0192
2009-07-14 20:30:00
checkpoint_advisories
checkpoint_advisories
prion
prion
Stack overflow
2009-07-14 20:30:00
openvas
openvas
Novell eDirectory Multiple Vulnerabilities (Jul 2009) - Windows
2009-07-29 00:00:00
Novell eDirectory Multiple Vulnerabilities - Jul09 (Windows)
2009-07-29 00:00:00
Novell eDirectory Multiple Vulnerabilities - Jul09 (Linux)
2009-07-29 00:00:00
nessus
nessus
Novell eDirectory < 8.8 SP5 Multiple Vulnerabilities
2009-07-15 00:00:00