Added: 10/26/2006
CVE: CVE-2006-5478
BID: 20655
OSVDB: 29993
iMonitor is a web service which is a component of Novell eDirectory.
iMonitor allows remote command execution by sending specially crafted HTTP header data in a request for certain URLs, which results in a buffer overflow when an HTTP redirection response is processed.
Apply edir881ftf_1.exe, edir881ftf_1.tgz, or edir8738ftf_http.tgz. Files are available from Novell.
<http://secunia.com/advisories/22519/>
Exploit works on Novell eDirectory 8.8.
Windows