Heap-based Buffer Overflow in Novell eDirectory HTTP Protocol Stack
CVE-2008-5092

Currently unrated

Key Information:

Vendor: Novell
Status: Edirectory
Vendor: CVE Published:; 14 November 2008

Summary

This vulnerability involves heap-based buffer overflow issues within the Novell eDirectory HTTP protocol stack (HTTPSTK) prior to version 8.8 SP3. It is triggered by malformed HTTP headers, specifically related to the language and content-length headers. The exact impact and potential attack vectors remain unspecified, making this an area of concern for users of affected versions. It is crucial to apply security updates to mitigate the risks associated with this vulnerability.

References

http://www.securityfocus.com/bid/30947

vdb-entryx_refsource_BID

http://www.novell.com/support/viewContent.do?externalId=3...

x_refsource_CONFIRM

http://www.securitytracker.com/id?1020786

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Nov 14, 2008
Vulnerability Reserved
Nov 14, 2008