Lucene search
SAINT CorporationSAINT:8C254130BA145C51DD06749E4DABD1D6HistoryOct 26, 2006 - 12:00 a.m.
Novell eDirectory iMonitor HTTP redirection buffer overflow
2006-10-2600:00:00
SAINT Corporation
download.saintcorporation.com
7
0.956 High
EPSS
Percentile
99.4%
Added: 10/26/2006
CVE: CVE-2006-5478
BID: 20655
OSVDB: 29993
Background
iMonitor is a web service which is a component of Novell eDirectory.
Problem
iMonitor allows remote command execution by sending specially crafted HTTP header data in a request for certain URLs, which results in a buffer overflow when an HTTP redirection response is processed.
Resolution
Apply edir881ftf_1.exe, edir881ftf_1.tgz, or edir8738ftf_http.tgz. Files are available from Novell.
References
<http://secunia.com/advisories/22519/>
Limitations
Exploit works on Novell eDirectory 8.8.
Platforms
Windows
Related
saint
saint
Novell eDirectory iMonitor HTTP redirection buffer overflow
2006-10-26 00:00:00
Novell eDirectory iMonitor HTTP redirection buffer overflow
2006-10-26 00:00:00
Novell eDirectory iMonitor HTTP redirection buffer overflow
2006-10-26 00:00:00
checkpoint_advisories
checkpoint_advisories
Novell eDirectory HTTP Server Redirection Buffer Overflow (CVE-2006-5478)
2009-10-13 00:00:00
securityvulns
securityvulns
zdi
zdi
Novell eDirectory NDS Server Host Header Buffer Overflow Vulnerability
2006-10-26 00:00:00
Novell Netmail User Authentication Buffer Overflow Vulnerability
2006-10-31 00:00:00
cve
cve
CVE-2006-5478
2006-10-24 20:07:00
canvas
canvas
Immunity Canvas: EDIRECTORY_HTTP
2006-10-24 16:07:00
Immunity Canvas: NETMAIL
2006-10-24 20:07:00
packetstorm
packetstorm
Novell eDirectory NDS Server Host Header Overflow
2009-11-26 00:00:00
openvas
openvas
Novell eDirectory Multiple Stack Based Buffer Overflow Vulnerabilities
2012-10-08 00:00:00
cvelist
cvelist
CVE-2006-5478
2006-10-24 20:00:00
nessus
nessus