• IDP Daily Update #1312
  posted: 11/18/08
  
• NSM Daily Update #1312
  posted: 11/18/08
  
• Deep Inspection 5.3r5 and above, 5.4, 6.0 #1312
  posted: 11/18/08
  
• Deep Inspection 5.1, 5.2, 5.3r4 and below #1300
  posted: 11/18/08
  
• Deep Inspection 5.0 #1132
  posted: 04/01/08
  
• Antivirus
  posted: 11/17/08

Text Size:        

• Product Information
• Security Products Overview
• Juniper Networks ISG Series
• IDP Demo
• Product Poster & Z-Card 

Title: Red Hat Directory Server Accept Language HTTP Headers Buffer Overflow Vulnerability

Severity: CRITICAL

Description:

Red Hat Directory Server is a centralization server based on the Lightweight Directory Access Protocol (LDAP).

The server is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. The problem occurs in the Accept Language HTTP header parser in the 'adminutil' library used in the Administration Server's CGI scripts. A remote attacker who can connect to the administration server web interface may be able to exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely cause denial-of-service conditions.

NOTE: The Administration Server of Directory Server usually runs with superuser privileges.

The following are affected:

- Red Hat Directory Server 7.1
- Versions prior to 'adminutil' 1.1.7

Affected Products:

• RedHat Directory Server 7.1
• RedHat Directory Server 7.1 SP1
• RedHat Directory Server 7.1 SP2
• RedHat Directory Server 7.1 SP3
• RedHat Directory Server 7.1 SP4
• RedHat Directory Server 7.1 SP5
• RedHat Directory Server 7.1 SP6

References:

• Red Hat: Bug 453916 - (CVE-2008-2928) CVE-2008-2928 Directory Server: CGI accept lang
• CVE: CVE-2008-2928
• Red Hat: RHSA-2008:0596-18 Red Hat Directory Server 7.1 Service Pack 7 security update
• Red Hat: Red Hat Directory Server Homepage