Forbidden Web

Mar 26, 2008

Novell eDirectory Vulnerability
Novell has released Security Vulnerability document 3382120 to address a vulnerability in eDirectory. This vulnerability is caused by improper handling of large LDAP Extended Request messages. Exploitation of this vulnerability may allow a remote attacker to execute arbitrary code or cause a denial-of-service condition.

US-CERT encourages users to review Novell document 3382120 and update to eDirectory 8.8.2.