Product: Novell eDirectory 8.8 SP5 for Windows Vulnerability Type: Buffer Overflow Attack Vector: Network Request Where: >From Remote or Local Network Solution: Unpatched Description: Vulnerability is in dhost module. A malformed http get request (to /dhost/modules?L:) cause a buffer overflow, Successful exploitation of the vulnerability may allow execution of arbitrary code. Debugger Results of Vulnerability and PoC Exploit: http://tcc.hellcode.net/sploitz/novelbof.txt Original Advisory: http://tcc.hellcode.net/advisories/hellcode-adv004.txt Credit to: Hellcode Research karak0rsan , murderkey
