Novell eDirectory eMBox SOAP Request Vulnerability

Secunia ID	SA38491
CVE-ID	CVE-2010-0666
Release Date	09 Feb 2010
Last Change	03 Mar 2010
Criticality	Less Critical Typically used for cross-site scripting vulnerabilities and privilege escalation vulnerabilities. This rating is also used for vulnerabilities allowing exposure of sensitive data to local users.
Solution Status	Vendor Patch
Software	Novell eDirectory 8.x
Where	From local network "From local network" describes vulnerabilities where the attack vector requires that an attacker is situated on the same network as a vulnerable system (not necessarily a LAN). This category covers vulnerabilities in certain services (e.g. DHCP, RPC, administrative services) that should not be accessible from the Internet, but only from a local network and optionally a restricted set of external systems.
Impact	DoS (Denial of Service) This includes vulnerabilities ranging from excessive resource consumption (e.g. causing a system to use a lot of memory) to crashing an application or an entire system.
Description	A vulnerability has been reported in Novell eDirectory, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an unspecified error in eMBox, which can be exploited to cause eDirectory to crash via a specially crafted SOAP request. The vulnerability is reported in versions prior to 8.8 SP5 Patch 3. NOTE: An issue where SAdmin is allowed to login with a null password has also been reported by the vendor.
Solution	Update to eDirectory 8.8 SP5 Patch 3.
Reported by	1c239c43f521145fa8385d64a9c32243 reported via ZDI.
Original Advisory	Novell: http://www.novell.com/support/viewContent.do?externalId=3426981 http://www.novell.com/support/viewContent.do?externalId=7005341 ZDI: http://www.zerodayinitiative.com/advisories/ZDI-10-024/