CVE-2008-1777

Name of the Vulnerable Software and Affected Versions Novell eDirectory version 8.8.2

Description The issue allows remote attackers to cause a denial of service, specifically CPU consumption, by sending a long HTTP HEAD request to TCP port 8028. This affects the eDirectory Host Environment service, which is run by the dhost.exe process.

Recommendations For Novell eDirectory version 8.8.2, consider restricting access to TCP port 8028 to minimize the risk of exploitation. As a temporary workaround, limiting the length of HTTP HEAD requests to the eDirectory Host Environment service may help mitigate the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.