OSVDB ID: 18703

Title: Novell eDirectory iMonitor on Windows dhost.exe Unspecified Remote Overflow

Info

Disclosure

Aug 11, 2005

Discovery

Unknown

Dates

Exploit

Aug 12, 2005

Solution

Unknown

Description

A remote overflow exists in Novell eDirectory iMonitor on Windows. iMonitor fails to handle malformed HTTP GET requests resulting in a stack overflow. With a specially crafted request, an attacker can execute arbitrary code with SYSTEM privileges resulting in a loss of integrity.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Patch / RCS
Exploit: Exploit Public, Exploit Commercial

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Novell has released a patch to address this vulnerability.

Products

Novell, Inc.

eDirectory iMonitor

8.7.3

References

Security Tracker: 1014661
ISS X-Force ID: 11386
Milw0rm: 1152
Exploit Database: 1152
Bugtraq ID: 14548
Secunia Advisory ID: 16393 20139
SCIP VulDB ID: 1697
Metasploit ID: 18703
CVE ID: 2005-2551 (see also: NVD)
CERT VU: 213165
VUPEN Advisory: ADV-2005-1403
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-08/0161.html
Vendor Specific Advisory URL: http://support.novell.com/cgi-bin/search/searchtid.cgi?/10098568.htm
http://support.novell.com/cgi-bin/search/searchtid.cgi?/2972038.htm
http://support.novell.com/cgi-bin/search/searchtid.cgi?/2973759.htm
Generic Exploit URL: http://www.metasploit.com/projects/Framework/exploits.html#edirectory_imonitor
http://www.saintcorporation.com/cgi-bin/exploit_info/edirectory_imonitor_bo

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/18703