CVE-2005-1729 Information

Description

Novell eDirectory 8.7.3 allows remote attackers to cause a denial of service (application crash) via a URL containing an MS-DOS device name such as AUX CON PRN COM1 or LPT1.

Reference

http://lists.grok.org.uk/pipermail/full-disclosure/2005-June/034536.html http://secunia.com/advisories/15676 http://securitytracker.com/id?1014177 http://support.novell.com/cgi-bin/search/searchtid.cgi?/10097766.htm http://www.cirt.dk/advisories/cirt-33-advisory.pdf