7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.956 High
EPSS
Percentile
99.4%
Added: 10/26/2006
CVE: CVE-2006-5478
BID: 20655
OSVDB: 29993
iMonitor is a web service which is a component of Novell eDirectory.
iMonitor allows remote command execution by sending specially crafted HTTP header data in a request for certain URLs, which results in a buffer overflow when an HTTP redirection response is processed.
Apply edir881ftf_1.exe, edir881ftf_1.tgz, or edir8738ftf_http.tgz. Files are available from Novell.
<http://secunia.com/advisories/22519/>
Exploit works on Novell eDirectory 8.8.
Windows