CVE-2008-0924

Novell eDirectory for Linux LDAP delRequest Stack Overflow Vulnerability

Severity Score

6.8

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Stack-based buffer overflow in the DoLBURPRequest function in libnldap in ndsd in Novell eDirectory 8.7.3.9 and earlier, and 8.8.1 and earlier in the 8.8.x series, allows remote attackers to cause a denial of service (daemon crash or CPU consumption) or execute arbitrary code via a long delRequest LDAP Extended Request message, probably involving a long Distinguished Name (DN) field.

El desbordamiento del búfer en la región stack de la memoria en la función DoLBURPRequest en libnldap en ndsd en Novell eDirectory versión 8.7.3.9 y anterior, y versión 8.8.1 y anterior en la serie 8.8.x, permite que los atacantes remotos causen una denegación de servicio (bloque del demonio o consumo de CPU) o ejecute un código arbitrario por medio de un largo mensaje de petición extendida delRequest LDAP, que probablemente incluya un campo largo Distinguished Name (DN).

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell eDirectory for Linux. Authentication is not required to exploit this vulnerability.
The specific flaw exists in the libnldap library. When a large LDAP delRequest message is sent, a stack overflow occurs overwriting a function pointer. This results in a situation allowing the execution of arbitrary code.

*Credits: Anonymous

CVSS Scores

NISTv2 6.8

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2008-02-25 CVE Reserved
2008-03-26 CVE Published
2024-08-07 CVE Updated
2024-11-15 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CAPEC

References (7)

URL	Tag	Source
http://www.securityfocus.com/archive/1/490117/100/0/threaded	Mailing List
http://www.securityfocus.com/bid/28434	Third Party Advisory
http://www.securitytracker.com/id?1019692	Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-08-013	Third Party Advisory

URL	Date	SRC

URL	Date	SRC
https://secure-support.novell.com/KanisaPlatform/Publishing/411/3382120_f.SAL_Public.html	2018-11-01

URL	Date	SRC
http://secunia.com/advisories/29476	2018-11-01
http://www.vupen.com/english/advisories/2008/0987/references	2018-11-01

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Novell Search vendor "Novell"		Edirectory Search vendor "Novell" for product "Edirectory"				>= 8.7 <= 8.7.3.9 Search vendor "Novell" for product "Edirectory" and version " >= 8.7 <= 8.7.3.9"		-		Affected
Novell Search vendor "Novell"		Edirectory Search vendor "Novell" for product "Edirectory"				>= 8.8 <= 8.8.1 Search vendor "Novell" for product "Edirectory" and version " >= 8.8 <= 8.8.1"		-		Affected