Company| Course Calendar| Services| News| Security Alerts| Enrollment| Contact Us




Security Vulnerability Alerts

Last Update: 06 May 2008
Novell eDirectory unauthenticated access to SOAP interface
updated: 6-May-08
A vulnerability was discovered in Novell eDirectory 8.7.x and < 8.8.2.

A SOAP interface is available at the "/SOAP" URL. It is usually used through the command-line client "edirutil.exe". This tool enforces access control internally: the user is never authenticated directly on the server, and authentication state is kept locally (i.e. client side).

It can by default be exploited to get the full DN, modify the name of the log file, read its content, stop and start eDirectory components. Additional commands (depending of the server configuration) can be used to backup the database to a file, allowing full compromise of the directory when combined with the read_logs action.

Before a fix is available, prevent the EMBOX module from loading.

Reference
http://www.novell.com/support/viewContent.do?externalId=3866911&sliceId=1
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0926
Novell eDirectory DoS via HTTP headers
updated: 6-May-08
A denial of service vulnerability was reported in Novell eDirectory < 8.7.3 SP 10 and < 8.8.2. The dhost.exe process will consume 100% of a CPU. More than one request can be used to lock every CPU.

Reference
http://www.novell.com/support/viewContent.do?externalId=3829452&sliceId=1
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0927
Wonderware SuiteLink Denial of Service vulnerability
updated: 6-May-08
A vulnerability was found in Wonderware SuiteLink Service ('slssvc.exe') that could allow an un-authenticated remote attacker with the ability to connect to the SuiteLink service TCP port to shutdown the service abnormally by sending a malformed packet. Exploitation of the vulnerability for remote code execution has not been proven, but it has not been eliminated as a potential scenario.

WonderWare SuiteLink prior to version 2.0 Patch 01 is affected. Upgrade to the latest version.

Reference
http://www.coresecurity.com/?action=item&id=2187
Solaris 10 Panic and Denial of Service
updated: 6-May-08
A security vulnerability was reported in Solaris 10 without patch 127127-08 related to the SCTP protocol may allow a local or remote unprivileged user to cause a system panic, performance degradation or hang the system or network devices, resulting in a Denial of Service condition.

Install the patch from Sun.

Reference
http://sunsolve.sun.com/search/document.do?assetkey=1-66-236321-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-236521-1