CVE-2009-0192

Novell eDirectory 8.8 SP3 - Remote Code Execution via iMonitor Accept-Language Header

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-0192. PoCs published by Praveen Darshanam.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in Novell eDirectory iMonitor via the 'Accept-Language' HTTP header. It sends a maliciously crafted HTTP request with an oversized buffer to trigger the overflow, potentially leading to remote code execution.

Description

Off-by-one error in the iMonitor component in Novell eDirectory 8.8 SP3, 8.8 SP3 FTF3, and possibly other versions allows remote attackers to execute arbitrary code via an HTTP request with a crafted Accept-Language header, which triggers a stack-based buffer overflow.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Praveen Darshanam · perldoswindows

https://www.exploit-db.com/exploits/8129

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in Novell eDirectory iMonitor via the 'Accept-Language' HTTP header. It sends a maliciously crafted HTTP request with an oversized buffer to trigger the overflow, potentially leading to remote code execution.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Theoretical

Target: Novell eDirectory iMonitor (versions affected by CVE-2009-0192)

No auth needed

Prerequisites: Network access to the target server · Novell eDirectory iMonitor service running on port 8008 or 8010

MITRE ATT&CK