Denial of Service in Novell eDirectory Due to Wildcard LDAP Requests
CVE-2009-2456

Currently unrated

Key Information:

Vendor

Novell
Status
Edirectory
Vendor
CVE Published:
14 July 2009

What is CVE-2009-2456?

The DS/NDSD component in Novell eDirectory 8.8 prior to Service Pack 5 is susceptible to a denial of service condition, which can be triggered by remote attackers. By crafting an LDAP request containing multiple dot (.) wildcard characters within the Relative Distinguished Name (RDN), an attacker can induce a core dump of the ndsd process, disrupting availability and leading to system instability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/34160
third-party-advisoryx_refsource_SECUNIA
http://www.novell.com/support/viewContent.do?externalId=3...
x_refsource_CONFIRM
http://osvdb.org/55848
vdb-entryx_refsource_OSVDB

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.