ID CVE-2009-3862
Type cve
Modified 2009-11-05T05:00:00


The NDSD process in Novell eDirectory 8.7.3 before ftf2 and eDirectory 8.8 before 8.8.5 ftf1 does not properly handle certain LDAP search requests, which allows remote attackers to cause a denial of service (application hang) via a search request with a NULL BaseDN value. Per:


This vulnerability is resolved in eDirectory 8.8.5 ftf1 and eDirectory ftf2.

To resolve this problem, apply eDirectory 8.8.5 ftf1 or newer for eDirectory 8.8.X and eDirectory ftf2 for eDirectory 8.7.3.X. Patches are available at"