Hitachi Directory Server LDAP Buffer Overflow Lets Remote Users Execute Arbitrary Code
|
|
SecurityTracker Alert ID: 1012881
|
|
SecurityTracker URL: http://securitytracker.com/id?1012881
|
|
CVE Reference: GENERIC-MAP-NOMATCH
(Links to External Site)
|
Date: Jan 13 2005
|
Impact: Execution of arbitrary code via network, User access via network
|
Fix Available: Yes
Vendor Confirmed: Yes
|
Version(s): 2
|
Description: A vulnerability was reported in the Hitachi Directory Server. A remote user may be able to execute arbitrary code on the target system.
The vendor reported that a remote user can send a specially crafted LDAP packet to the target LDAP service to trigger a buffer overflow and cause the LDAP service to crash or potentially execute arbitrary code.
|
Impact: A remote user can execute arbitrary code on the target system with the privileges of the target LDAP service.
|
Solution: A fix is described at:
http://www.hitachi-support.com/security_e/vuls_e/HS05-001_e/01-e.html
|
Vendor URL: www.hitachi-support.com/security_e/vuls_e/HS05-001_e/index-e.html (Links to External Site)
|
Cause: Boundary error
|
Underlying OS: UNIX (HP/UX), Windows (Any)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Wed, 12 Jan 2005 23:56:59 -0500
Subject: http://www.hitachi-support.com/security_e/vuls_e/HS05-001_e/index-e.html
|
> HS05-001
> Vulnerability of Buffer Overflow in LDAP Server
> HS05-001-01 Hitachi Directory Server Version 2 Windows, HP-UX January 11, 2005
> Malicious remote users can exploit this vulnerability, and shut down the LDAP server
> or execute arbitrary code.
A fix is described at:
http://www.hitachi-support.com/security_e/vuls_e/HS05-001_e/01-e.html
|
|
