CVE-2009-3862 Information

Description

The NDSD process in Novell eDirectory 8.7.3 before 8.7.3.10 ftf2 and eDirectory 8.8 before 8.8.5 ftf1 does not properly handle certain LDAP search requests which allows remote attackers to cause a denial of service (application hang) via a search request with a NULL BaseDN value.

Reference

http://www.novell.com/support/viewContent.do?externalId=7004721 http://www.securityfocus.com/bid/36902 http://www.vupen.com/english/advisories/2009/3120 http://www.zerodayinitiative.com/advisories/ZDI-09-075/