Two vulnerabilities have been reported in various Novell products, which can be exploited by malicious people to compromise a vulnerable system.

1) A boundary error exists in the HTTP Protocol Stack (httpstk) component of iMonitor within the "BuildRedirectURL()" function when processing "Host" HTTP headers. This can be exploited to cause a stack-based buffer overflow via a specially crafted request with an overly long "Host" header (more than 64 bytes).

2) A boundary error exists within the user authentication component of Netmail when processing usernames. This can be exploited to cause a stack-based buffer overflow via a specially crafted username.

Successful exploitation allows execution of arbitrary code.

The following products are affected by one or both of the vulnerabilities:
- Netmail 3.5.2
- Novell eDirectory 8.8.1

Solution
Apply fixes.
Further details available to Secunia VIM customers

Provided and/or discovered by
Discovered independently by:
1) * Michael Ligh and Ryan Smith.
* Manuel Santamarina Suarez
2) Discovered by an anonymous person and reported by ZDI.

Changelog
Further details available to Secunia VIM customers

Original Advisory
Novell:
https://secure-support.novell.com/KanisaPlatform/Publishing/233/3723994_f.SAL_Public.html

mnin.org:
http://www.mnin.org/advisories/2006_novell_httpstk.pdf

ZDI:
http://www.zerodayinitiative.com/advisories/ZDI-06-035.html
http://www.zerodayinitiative.com/advisories/ZDI-06-036.html

Deep Links
Links available to Secunia VIM customers