Multiple vulnerabilities have been reported in Novell eDirectory, which can be exploited by malicious users to bypass certain security features and by malicious people to manipulate certain data and cause a DoS (Denial of Service).
1) An error in the NCP implementation can be exploited to cause the service to become unresponsive via a specially crafted FileSetLock NCP request.
This vulnerability is reported in version 8.8 for Linux.
2) An error in the LDAP-SSL daemon when allocating memory can be exploited to cause the service to become unresponsive via a specially crafted SSL request.
3) An error exists in the bundled OpenSSL library.
For more information see vulnerability #1: SA37291
4) Some errors exists in the SASL GSSAPI login method.
Do you have additional information related to this advisory?
Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this
information to firstname.lastname@example.org