CVE-2006-5478

Published: 24/10/2006 Updated: 17/10/2018
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 770
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Multiple stack-based buffer overflows in Novell eDirectory 8.8.x prior to 8.8.1 FTF1, and 8.x up to 8.7.3.8, and Novell NetMail prior to 3.52e FTF2, allow remote malicious users to execute arbitrary code via (1) a long HTTP Host header, which triggers an overflow in the BuildRedirectURL function; or vectors related to a username containing a . (dot) character in the (2) SMTP, (3) POP, (4) IMAP, (5) HTTP, or (6) Networked Messaging Application Protocol (NMAP) Netmail services.

Vulnerable Product

novell edirectory 8.5.27

novell edirectory 8.6.2

novell edirectory 8.7

novell edirectory 8.7.1

novell edirectory 8.0

novell edirectory 8.7.3

novell edirectory 8.5

novell edirectory 8.5.12a

novell edirectory 8.7.3.8_presp9

Exploits

source: www.securityfocus.com/bid/20655/info The Novell eDirectory server iMonitor is prone to a stack-based buffer-overflow vulnerability because it fails to perform sufficient bounds checking on client-supplied data before copying it to a buffer. An attacker could leverage this issue to execute arbitrary code with administrative privileg ...
## # $Id: edirectory_host.rb 9262 2010-05-09 17:45:00Z jduck $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please see the Metasploit # Framework web site for more information on licensing and terms of use. # metasploit.com/framework/ ## require 'msf/core' class ...