Overview
» IDS/IPS Signatures
Security Sites
Products
White Papers
Data Sheets
Case Studies
Support Login
Locate a Partner
iPolicy Networks Security Advisory
 

Fedora Directory Server Regular Expression Handler Buffer Overflow Vulnerability
Date Discovered: 5/12/2008
Severity: High
Applications Affected: RedHat Directory Server 7.1 Service Pack 3
RedHat Directory Server 7.1 Service Pack 1
RedHat Directory Server 7.1 Service Pack 2
RedHat Directory Server 7.1 Service Pack 4
RedHatDirectory Server 7.1 Service Pack 5
RedHat Directory Server 8.0
RedHat Fedora Directory Server 1.1
Synopsis
Buffer Overflow vulnerability has been discovered in  RedHat Directory Server 8.0 and prior. The flaw exists because the input is not properly sanitized before sending for processing to PCRE handler engine. Remote attackers can successfully exploit the handler service by sending malformed LDAP request to the Vulnerable Server and they can get secure information from the Server.
Recommended Actions
Update with latest stable version.
http://www.redhat.com/directory_server/
Threat Analysis
LDAP, Lightweight Directory Access Protocol, is an Internet protocol that email and other programs use to look up information from a server. LDAP lets you locate organizations, individuals, and other resources such as files and devices in a network, whether on the Internet or on a corporate intranet.

The Buffer overflow vulnerability has been found in the  RedHat Directory Server. A remote attacker can execute arbitrary code via invalid LDAP request query to LDAP Server, which results memory corruption. After successful exploitation a remote attacker can get secure information from directory database and can execute arbitrary malicious code in context of administrator.
References

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1677
http://www.securityfocus.com/bid/29126
http://secunia.com/advisories/30185
http://rhn.redhat.com/errata/RHSA-2008-0268.html
Write-up by: Gaurav Bajpai
Security Sites
 
“iPolicy is one of the most visionary firewall vendors in the firewall Magic Quadrant. Its architecture of a central session processing engine and multiple content blades that are able to block based on signatures, rules and so on is the closest to the network security ideal.”
 
Greg Young, John Pescatore
Magic Quadrant for Network Firewalls, 2H04, Gartner
 

 
Home | About Us | Products | Technology | Solutions | Support | Partners | News & Events | Resources | Contact Us
Copyright ©2008 iPolicy Networks - Security Product Division of Tech Mahindra Limited | Privacy Policy | Site Map