Novell EDirectory NCP Request Remote Denial Of Service Vulnerability Network Vulnerability

Summary

This host is running Novell eDirectory is prone to denial of service vulnerability.

Impact

Successful exploitation will allow remote attackers to cause a vulnerable service to become unresponsive, leading to a denial of service condition. Impact Level: Application.

Solution

Upgrade to Novell eDirectory 8.8.5.6 or 8.8.6.2 For updates refer to http://www.novell.com/products/edirectory/

Insight

This flaw is caused by an error in the 'NCP' implementation when processing malformed 'FileSetLock' requests sent to port 524.

Affected

Novell eDirectory 8.8.5 before 8.8.5.6 (8.8.5.SP6) Novell eDirectory 8.8.6 before 8.8.6.2 (8.8.6.SP2) on Linux.

References

http://secunia.com/advisories/43186
http://www.novell.com/support/viewContent.do?externalId=7007781&sliceId=2
http://www.vupen.com/english/advisories/2011/0305
http://www.zerodayinitiative.com/advisories/ZDI-11-060/

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-4327
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Active Perl Denial of Service Vulnerability Feb 2014 (Windows)
Baidu Spark Browser Denial of Service Vulnerability -01 August14 (Windows)
Adobe Reader 'AcroPDF.DLL' Denial of Service Vulnerability (Windows)
Apache Subversion 'mod_dav_svn' Module Multiple DoS Vulnerabilities
Eggdrop 'ctcpbuf' Remote Denial Of Service Vulnerability

Novell eDirectory NCP Request Remote Denial of Service Vulnerability

Take action and discover your vulnerabilities