A stack buffer overflow vulnerability exists in the Novell iManager eDirectory plugin. The vulnerability is due to improper validation of user input by a sub-application. A remote, authenticated attacker can exploit this vulnerability by sending specially crafted parameters to the application.

Successful exploitation of this vulnerability would result in arbitrary code execution with the privileges of the SYSTEM.

• Novell iManager (2.7.2 and prior)

• Access vector is NETWORK
• Access complexity is LOW
• Level of authentication required is SINGLE
• Impact of this vulnerability on data confidentiality is COMPLETE
• Impact of this vulnerability on data integrity is COMPLETE
• Impact of this vulnerability on data availability is COMPLETE

• The exploitability level of this vulnerability is UNPROVEN
• The remediation level of this vulnerability is UNAVAILABLE
• The report confidence level of this vulnerability is CONFIRMED