Novell eDirectory iMonitor NDS buffer overflow

Added: 05/30/2006
CVE: CVE-2006-2496
BID: 18026
OSVDB: 25781

Background

iMonitor is a web service which is a component of Novell eDirectory.

Problem

A buffer overflow in iMonitor allows remote attackers to execute arbitrary commands by sending a long, specially crafted URL request in the NDS directory.

Resolution

Apply the iMonitor security update.

References

http://www.securityfocus.com/archive/1/434723

Limitations

Exploit works on Novell eDirectory 8.8.

Platforms

Windows

Back to exploit index