| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 27 Oct 2006 23:35:35 -0400 From: "Matt Richard" <matt.richard@...il.com> To: "zdi-disclosures@...m.com" <zdi-disclosures@...m.com> Cc: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com Subject: Re: [Full-disclosure] ZDI-06-035: Novell eDirectory NDS Server Host Header Buffer Overflow Vulnerability On 10/27/06, zdi-disclosures@...m.com <zdi-disclosures@...m.com> wrote: > -- TippingPoint(TM) IPS Customer Protection: > TippingPoint IPS customers have been protected against this > vulnerability since October 26, 2006 by Digital Vaccine protection > filter ID 4519. For further product information on the TippingPoint IPS: <snip> > The specific flaw exists within the httpstk.dll library within the > dhost.exe web interface of the eDirectory Host Environment. The web > interface does not validate the length of the HTTP Host header prior to > using the value of that header in an HTTP redirect. This results in an > exploitable stack-based buffer overflow. This 0day was reported on 10/20/06 here http://www.mnin.org/advisories/2006_novell_httpstk.pdf. Seems that your initiative has fallen a bit behind. Your customers had to wait for you to realize this had already been released and a signature was added to Bleeding Snort on 10/23. It's also a bit odd that Novell released the updates on 10/20/06, the same day as the MNIN advisory. Based on the time line it looks like the whole thing might have been ripped off..... Cheers, Matt
Powered by blists - more mailing lists