iDefense Security Advisory 04.26.07 – Remote exploitation of a denial of service (DoS) vulnerability in Novell Inc.’s eDirectory product could allow an attacker to force the running daemon to cease servicing requests. The problem specifically exists within the NCP functionality of eDirectory. Sending a sequence of specially crafted fragmented requests will cause a DoS condition. iDefense has confirmed the existence of this vulnerability in version 8.8.1 of Novell Inc.’s eDirectory server with FTF1 applied. The earliest version tested was 8.8. Earlier versions are suspected to be vulnerable.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/56341/04.26.07-1.txt
Source: https://packetstormsecurity.com/files/56341/iDEFENSE-Security-Advisory-2007-04-26.1.html