[NEWS] Novell iManager DoS Attack (eMFrame)
From: support@securiteam.com
Date: 08/13/02
From: support@securiteam.com To: list@securiteam.com Date: Tue, 13 Aug 2002 13:53:06 +0200 (CEST)
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
Novell iManager DoS Attack (eMFrame)
------------------------------------------------------------------------
SUMMARY
The following advisory has been released to inform the public of a
patch that prevents eMFrame from shutting down prematurely whenever the
input of a userid is longer than 256 characters (while a user is
authenticating into iManager).
DETAILS
Vulnerable systems:
* eMFrame v 1.2.1 (eMFrame.jar, FwResources.properties files with
modification dates previous to 16 July 2002)
Impact:
The maximum length for the attribute DN in eDirectory 8.6 and above is 256
characters. While authenticating into eMFrame, if a DN with more than 256
characters is passed in by the user, eMFrame will terminate.
With the above fixes, when DN is greater than 256 characters, a Denial of
Service error is generated and eMFrame does not shut down.
Recommended actions:
To verify whether this patch needs to be applied, perform the following:
NOTE: The steps below refer to a "webapps" directory that is a relative
directory. By default, when TomCat is installed on Netware, the "webapps"
directory is located directly underneath the volume SYS: (i.e.
SYS:\webapps\eMFrame\WEB-INF\lib\). However, webapps could be located
elsewhere, depending on the choices made by the administration on initial
installation. With Microsoft Windows NT/Windows 2000, you can go to a
command prompt and type "set". This should display a path statement. In
the path statement, there should be a directory "TomCat". The "webapps"
directory should be located underneath the "TomCat" directory.
1. Go to the following file: ..\webapps\eMFrame\WEB-INF\lib\eMFrame.jar
2. Check the modified date on the file. If it is previous to July 16th,
2002, this patch must be applied.
3. Go to the following file:
.\webapps\eMFrame\WEB-INF\classes\templates\FwResources.properties
4. Check the modified date on the file. If it is previous to July 16th,
2002, this patch must be applied.

If the above files are older, apply this patch by copying the eMFrame.jar
and FwResources.properties from this file to the server running eMFrame.
Perform the following tasks:
1. Go to the following directory: ..\webapps\eMFrame\WEB-INF\lib\
2. Copy the eMFrame.jar file located in this patch to the above directory
listed in step 1.
3. Go to the following directory:
.\webapps\eMFrame\WEB-INF\classes\templates
4. Copy the FwResources.properties file located in this patch to the above
directory listed in step 3.
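
The date check in the verification steps above can be scripted. The following Python script is an added example, not part of the Novell advisory or patch; the function names are hypothetical, and it assumes the site-specific "webapps" directory is passed in by the administrator and that file dates are read in local time.

```python
import os
import sys
from datetime import date, datetime

# Cutoff taken from the advisory: files modified before this date are unpatched.
PATCH_DATE = date(2002, 7, 16)

# Paths relative to the Tomcat "webapps" directory, as listed in the advisory.
PATCHED_FILES = (
    os.path.join("eMFrame", "WEB-INF", "lib", "eMFrame.jar"),
    os.path.join("eMFrame", "WEB-INF", "classes", "templates",
                 "FwResources.properties"),
)


def check_emframe(webapps_dir):
    """Return {relative_path: (status, modified_date)} for both patched files.

    status is "missing", "needs-patch" (modified before PATCH_DATE) or "ok".
    """
    results = {}
    for rel in PATCHED_FILES:
        full = os.path.join(webapps_dir, rel)
        try:
            mtime = os.stat(full).st_mtime
        except OSError:
            # File absent or unreadable: report it instead of guessing.
            results[rel] = ("missing", None)
            continue
        modified = datetime.fromtimestamp(mtime).date()  # local time (assumption)
        status = "needs-patch" if modified < PATCH_DATE else "ok"
        results[rel] = (status, modified)
    return results


def needs_patch(webapps_dir):
    """True if either file predates the patch; missing files are not counted."""
    return any(s == "needs-patch" for s, _ in check_emframe(webapps_dir).values())


if __name__ == "__main__":
    # The webapps path is site-specific; pass it as the first argument.
    root = sys.argv[1] if len(sys.argv) > 1 else "webapps"
    for rel, (status, modified) in check_emframe(root).items():
        print(f"{status:12} {modified or '-'}  {rel}")
    sys.exit(1 if needs_patch(root) else 0)
```

A modification date can change when a file is copied or restored, so an "ok" result reflects the advisory's date indicator rather than proof that the patched build is installed.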
Reference URL:
<http://support.novell.com/servlet/tidfinder/2963081>
ADDITIONAL INFORMATION
The information has been provided by Ed Reed <ereed@novell.com>.