HighRealSecure Desktop, Proventia Network IPS, BlackICE PC Protection, BlackICE Server Protection, RealSecure Server Sensor, RealSecure Network, Proventia Network IDS, Proventia Desktop, Proventia-G 1.1 and earlier, IBM Security Server Protection for Windows, Proventia Network MFS, Virtual Server Protection for Vmware, Proventia Server IPS for Linux technology:
This signature detects a malformed Modify Request causing a buffer overflow.
High
RealSecure Desktop: epj, Proventia Network IPS: XPU 1.78, BlackICE PC Protection: 3.6cpj, BlackICE Server Protection: 3.6.cpj, RealSecure Server Sensor: XPU 24.39, RealSecure Network: XPU 24.39, Proventia Network IDS: XPU 24.39, Proventia Desktop: 1780, Proventia-G 1.1 and earlier: XPU 24.39, IBM Security Server Protection for Windows: 2.1.14.2400, Proventia Network MFS: XPU 1.78, IBM Security Server Protection for Windows: 1.0.914.1780, Virtual Server Protection for Vmware: 1.0, Proventia Server IPS for Linux technology: 1.78
IBM AIX, WindRiver BSDOS, SGI IRIX, Linux Kernel, Sun Solaris, IBM OS2, Microsoft Windows 95, Data General DG/UX, Microsoft Windows NT: 4.0, Microsoft Windows 98, SCO SCO Unix, Microsoft Windows 98SE, Microsoft Windows 2000, Microsoft Windows Me, Compaq Tru64, Microsoft Windows XP, Microsoft Windows 2003 Server, Apple Mac OS X
Unauthorized Access Attempt
Multiple vendor Lightweight Directory Access Protocol (LDAP) implementations are vulnerable to a heap-based buffer overflow, caused by improper bounds checking of MODIFY requests. A remote attacker could exploit this vulnerability by sending a specially-crafted MODIFY request to execute arbitrary code on an affected system or cause the server to crash.
No remedy available as of December 4, 2010.
IBM Internet Security Systems X-Force Database
Microsoft Windows Active Directory LDAP attribute buffer overflow
http://xforce.iss.net/xforce/xfdb/35179
ISS X-Force
Multiple vendor LDAP MODIFY request buffer overflow
http://www.iss.net/security_center/static/27610.php