Denial of Service in Novell Identity Manager Platform Services
CVE-2007-6625

Currently unrated

Key Information:

Vendor: Novell
Status: Identity Manager
Vendor: CVE Published:; 4 January 2008

Summary

The Platform Service Process (asampsp) in Novell Identity Manager 3.5.1 is susceptible to a denial of service attack, which is triggered by specific network traffic that causes the service to crash. This anomaly occurs when invalid format string specifiers are processed in syslog messages, resulting in a potential disruption of service. Attackers can exploit this vulnerability remotely, leading to service interruptions and potential downtime for organizations relying on this identity management platform.

References

http://securitytracker.com/id?1019144

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/27028

vdb-entryx_refsource_BID

http://osvdb.org/40104

vdb-entryx_refsource_OSVDB

Timeline

Vulnerability published
Jan 4, 2008
Vulnerability Reserved
Jan 3, 2008