CVE-2006-4510

Name of the Vulnerable Software and Affected Versions Novell eDirectory versions prior to 8.8.1 FTF1

Description The issue allows remote attackers to execute arbitrary code via a crafted request. This is achieved by exploiting the evtFilteredMonitorEventsRequest function in the LDAP service, which can be triggered by a value larger than the number of objects transmitted, resulting in an invalid free of unallocated memory.

Recommendations For versions prior to 8.8.1 FTF1, update to version 8.8.1 FTF1 or later to resolve the issue. As a temporary workaround, consider restricting access to the LDAP service to minimize the risk of exploitation.