Vulnerabilites related to novell - edirectory
Vulnerability from fkie_nvd
Published
2014-12-19 18:59
Modified
2025-04-12 10:46
Severity ?
Summary
nds/files/opt/novell/eDirectory/lib64/ndsimon/public/images in iMonitor in Novell eDirectory before 8.8 SP8 Patch 4 allows remote authenticated users to obtain sensitive information from process memory via a direct request.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | edirectory | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:edirectory:*:sp8:*:*:*:*:*:*",
"matchCriteriaId": "ABAF78B2-9791-480F-8179-21E19B6CB6A8",
"versionEndIncluding": "8.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "nds/files/opt/novell/eDirectory/lib64/ndsimon/public/images in iMonitor in Novell eDirectory before 8.8 SP8 Patch 4 allows remote authenticated users to obtain sensitive information from process memory via a direct request."
},
{
"lang": "es",
"value": "nds/files/opt/novell/eDirectory/lib64/ndsimon/public/images en iMonitor de Novell eDirectory anterior a 8.8 SP8 Patch 4 permite a usuarios remotos autenticados obtener informaci\u00f3n sensible de la memoria del proceso a trav\u00e9s de una petici\u00f3n directa."
}
],
"id": "CVE-2014-5213",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-12-19T18:59:01.103",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/534284"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1031408"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=904135"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.novell.com/support/kb/doc.php?id=3426981"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20141219-0_NetIQ_eDirectory_iMonitor_XSS_Memory_Disclosure_v10.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/534284"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1031408"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=904135"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.novell.com/support/kb/doc.php?id=3426981"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20141219-0_NetIQ_eDirectory_iMonitor_XSS_Memory_Disclosure_v10.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-02-26 18:30
Modified
2025-04-11 00:51
Severity ?
Summary
The dhost web service in Novell eDirectory 8.8.5 uses a predictable session cookie, which makes it easier for remote attackers to hijack sessions via a modified cookie.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | edirectory | 8.8.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F40F0E7D-5731-4D55-8BFC-0E39EDCE9366",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The dhost web service in Novell eDirectory 8.8.5 uses a predictable session cookie, which makes it easier for remote attackers to hijack sessions via a modified cookie."
},
{
"lang": "es",
"value": "El servicio Web dhost en Novell eDirectory v8.8.5 usa una cookie de sessi\u00f3n predecible, lo que facilita que atacantes remotos secuestren sesiones a trav\u00e9s de una cookie modificada."
}
],
"id": "CVE-2009-4655",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-02-26T18:30:00.447",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/60035"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.metasploit.com/modules/auxiliary/admin/edirectory/edirectory_dhost_cookie"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/admin/edirectory/edirectory_dhost_cookie.rb"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56613"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/60035"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.metasploit.com/modules/auxiliary/admin/edirectory/edirectory_dhost_cookie"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/admin/edirectory/edirectory_dhost_cookie.rb"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56613"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-310"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-03-23 06:59
Modified
2025-04-20 01:37
Severity ?
Summary
NDSD in Novell eDirectory before 9.0.2 did not calculate ACLs on LDAP objects across partition boundaries correctly, which could lead to a privilege escalation by modifying user attributes that would otherwise be filtered by an ACL.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | edirectory | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:edirectory:*:hotfix2:*:*:*:*:*:*",
"matchCriteriaId": "D55F5A25-28B0-425B-81D3-70B76D43635E",
"versionEndIncluding": "9.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NDSD in Novell eDirectory before 9.0.2 did not calculate ACLs on LDAP objects across partition boundaries correctly, which could lead to a privilege escalation by modifying user attributes that would otherwise be filtered by an ACL."
},
{
"lang": "es",
"value": "NDSD en Novell eDirectory en versiones anteriores a 9.0.2 no calcul\u00f3 correctamente ACLs en objetos LDAP a trav\u00e9s de l\u00edmites de partici\u00f3n, lo que podr\u00eda provocar una escalada de privilegios por la modificaci\u00f3n de los atributos de usuario lo que podr\u00eda conducir a una escalada de privilegios modificando atributos de usuario que de otro modo ser\u00edan filtrados por una ACL."
}
],
"id": "CVE-2016-9167",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-23T06:59:00.563",
"references": [
{
"source": "security@opentext.com",
"url": "http://www.securityfocus.com/bid/97315"
},
{
"source": "security@opentext.com",
"url": "https://www.novell.com/support/kb/doc.php?id=7016794"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/97315"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.novell.com/support/kb/doc.php?id=7016794"
}
],
"sourceIdentifier": "security@opentext.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-10-24 19:07
Modified
2025-04-09 00:30
Severity ?
Summary
Integer overflow in the evtFilteredMonitorEventsRequest function in the LDAP service in Novell eDirectory before 8.8.1 FTF1 allows remote attackers to execute arbitrary code via a crafted request.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | edirectory | 8.8 | |
| novell | edirectory | 8.8.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D7548D05-AD2B-46C3-9036-366585FFCB48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C13882AD-D700-4B95-9BB2-B3E0D104B227",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the evtFilteredMonitorEventsRequest function in the LDAP service in Novell eDirectory before 8.8.1 FTF1 allows remote attackers to execute arbitrary code via a crafted request."
},
{
"lang": "es",
"value": "Desbordamiento de entero en la funci\u00f3n evtFilteredMonitorEventsRequest en el servicio LDAP en Novell eDirectory anterior a 8.8.1 FTF1 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante una petici\u00f3n artesanal."
}
],
"id": "CVE-2006-4509",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-10-24T19:07:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=427"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22506"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1017104"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/20663"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/4142"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29764"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=427"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22506"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1017104"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/20663"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/4142"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29764"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-05-20 03:02
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in iMonitor 2.4 in Novell eDirectory 8.8 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unknown attack vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | edirectory | 8.8 | |
| novell | imonitor | 2.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D7548D05-AD2B-46C3-9036-366585FFCB48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imonitor:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FE6948E1-826D-4951-994E-29E0E04C44CC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in iMonitor 2.4 in Novell eDirectory 8.8 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unknown attack vectors."
}
],
"id": "CVE-2006-2496",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-05-20T03:02:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20139"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1016120"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2973759.htm"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/25781"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/434723/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/18026"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/1850"
},
{
"source": "cve@mitre.org",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-016.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26524"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20139"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1016120"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2973759.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/25781"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/434723/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/18026"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/1850"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26524"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-03-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Novell eDirectory (eDir) 8.6.2 and Netware 5.1 eDir 85.x allows users with expired passwords to gain inappropriate permissions when logging in from Remote Manager.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | edirectory | 8.6.2 | |
| novell | edirectory | 85.20 | |
| novell | edirectory | 85.24 | |
| novell | edirectory | 85.30 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:edirectory:8.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "947699C3-D9DE-411A-99C0-44ADD1D2223A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:85.20:*:*:*:*:*:*:*",
"matchCriteriaId": "1DFEA521-37B2-4C23-B320-1D0E70823366",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:85.24:*:*:*:*:*:*:*",
"matchCriteriaId": "791307D3-5774-4756-B82E-72609C7C3F03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:85.30:*:*:*:*:*:*:*",
"matchCriteriaId": "C0815A1A-1B21-48F8-8E55-150372528F10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Novell eDirectory (eDir) 8.6.2 and Netware 5.1 eDir 85.x allows users with expired passwords to gain inappropriate permissions when logging in from Remote Manager."
}
],
"id": "CVE-2002-1552",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-03-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=103712498905027\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=103712790808781\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/6163"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10604"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=103712498905027\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=103712790808781\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/6163"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10604"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-07-14 18:41
Modified
2025-04-09 00:30
Severity ?
Summary
Heap-based buffer overflow in Novell eDirectory 8.7.3 before 8.7.3.10b, and 8.8 before 8.8.2 FTF2, allows remote attackers to execute arbitrary code via an LDAP search request containing "NULL search parameters."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | edirectory | 8.7.3 | |
| novell | edirectory | 8.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "029ADE6D-6761-4196-847C-A0EFB3A06341",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D7548D05-AD2B-46C3-9036-366585FFCB48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Novell eDirectory 8.7.3 before 8.7.3.10b, and 8.8 before 8.8.2 FTF2, allows remote attackers to execute arbitrary code via an LDAP search request containing \"NULL search parameters.\""
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en mont\u00edculo en Novell eDirectory 8.7.3 anterior a 8.7.3.10b, y 8.8 anterior a 8.8.2 FTF2, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante una solicitud de b\u00fasqueda LDAP que contenga \"par\u00e1metros de b\u00fasqueda nulos\"."
}
],
"id": "CVE-2008-1809",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-07-14T18:41:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=724"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/31036"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3843876"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/30175"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1020470"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/2062/references"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43716"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=724"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/31036"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3843876"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/30175"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1020470"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2062/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43716"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-04-30 22:19
Modified
2025-04-09 00:30
Severity ?
Summary
ncp in Novell eDirectory before 8.7.3 SP9, and 8.8.x before 8.8.1 FTF2, does not properly handle NCP fragments with a negative length, which allows remote attackers to cause a denial of service (daemon crash) when the heap is written to a log file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | edirectory | * | |
| novell | edirectory | 8.8 | |
| novell | edirectory | 8.8.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:edirectory:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C1E3441E-2468-4270-BDBE-5EB13DDF4BB9",
"versionEndIncluding": "8.7.3.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D7548D05-AD2B-46C3-9036-366585FFCB48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C13882AD-D700-4B95-9BB2-B3E0D104B227",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ncp in Novell eDirectory before 8.7.3 SP9, and 8.8.x before 8.8.1 FTF2, does not properly handle NCP fragments with a negative length, which allows remote attackers to cause a denial of service (daemon crash) when the heap is written to a log file."
},
{
"lang": "es",
"value": "ncp en Novell eDirectory anterior a 8.7.3 SP9, y 8.8.x anterior a 8.8.1 FTF2, no maneja adecuadamente fragmentos NCP con una longitud negativa, lo cual permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda del demonio) cuando el mont\u00f3n se escribe a un fichero de registro de eventos."
}
],
"id": "CVE-2006-4520",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-04-30T22:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=518"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.novell.com/support/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=3924657\u0026sliceId=SAL_Public"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/23685"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1017972"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1550"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33921"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=518"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.novell.com/support/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=3924657\u0026sliceId=SAL_Public"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/23685"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1017972"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1550"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33921"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-10-24 19:07
Modified
2025-04-09 00:30
Severity ?
Summary
The evtFilteredMonitorEventsRequest function in the LDAP service in Novell eDirectory before 8.8.1 FTF1 allows remote attackers to execute arbitrary code via a crafted request containing a value that is larger than the number of objects transmitted, which triggers an invalid free of unallocated memory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | edirectory | 8.8 | |
| novell | edirectory | 8.8.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D7548D05-AD2B-46C3-9036-366585FFCB48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C13882AD-D700-4B95-9BB2-B3E0D104B227",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The evtFilteredMonitorEventsRequest function in the LDAP service in Novell eDirectory before 8.8.1 FTF1 allows remote attackers to execute arbitrary code via a crafted request containing a value that is larger than the number of objects transmitted, which triggers an invalid free of unallocated memory."
},
{
"lang": "es",
"value": "La funci\u00f3n evtFilteredMonitorEventsRequest en el servicio LDAP en Novell eDirectory anterior a 8.8.1 FTF1 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante una petici\u00f3n artesanal que contiene un valor m\u00e1s largo que el n\u00famero de objetos transmitidos, lo cual dispara una liberaci\u00f3n inv\u00e1lida de memoria no asignada."
}
],
"id": "CVE-2006-4510",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-10-24T19:07:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=428"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22506"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1017104"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/20663"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/4142"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29752"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=428"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22506"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1017104"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/20663"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/4142"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29752"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-11-04 00:07
Modified
2025-04-09 00:30
Severity ?
Summary
The BerDecodeLoginDataRequest function in the libnmasldap.so NMAS module in Novell eDirectory 8.8 and 8.8.1 before the Security Services 2.0.3 patch does not properly increment a pointer when handling certain input, which allows remote attackers to cause a denial of service (invalid memory access) via a crafted login request.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | edirectory | 8.8 | |
| novell | edirectory | 8.8.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D7548D05-AD2B-46C3-9036-366585FFCB48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C13882AD-D700-4B95-9BB2-B3E0D104B227",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The BerDecodeLoginDataRequest function in the libnmasldap.so NMAS module in Novell eDirectory 8.8 and 8.8.1 before the Security Services 2.0.3 patch does not properly increment a pointer when handling certain input, which allows remote attackers to cause a denial of service (invalid memory access) via a crafted login request."
},
{
"lang": "es",
"value": "La funci\u00f3n BerDecodeLoginDataRequest en el m\u00f3dulo libnmasldap.so NMAS en Novell eDirectory 8.8 y 8.8.1 anterior al parche Security Services 2.0.3 no incrementa de forma adecuada el puntero cuando al manejar cierta entrada, lo cual permite a un atacante remoto provocar denegaci\u00f3n de servicio (acceso a memoria inv\u00e1lido) a trav\u00e9s de una respuesta de login manipulada"
}
],
"id": "CVE-2006-4521",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-11-04T00:07:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=437"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22660"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1017140"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/20842"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/4293"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29963"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=437"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22660"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1017140"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/20842"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/4293"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29963"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-03-28 18:44
Modified
2025-04-09 00:30
Severity ?
Summary
Stack-based buffer overflow in the DoLBURPRequest function in libnldap in ndsd in Novell eDirectory 8.7.3.9 and earlier, and 8.8.1 and earlier in the 8.8.x series, allows remote attackers to cause a denial of service (daemon crash or CPU consumption) or execute arbitrary code via a long delRequest LDAP Extended Request message, probably involving a long Distinguished Name (DN) field.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | edirectory | * | |
| novell | edirectory | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:edirectory:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2934CE3D-592D-4D6E-B008-65261AA7AF55",
"versionEndIncluding": "8.7.3.9",
"versionStartIncluding": "8.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B6B93861-635A-4260-9620-098585FABDCC",
"versionEndIncluding": "8.8.1",
"versionStartIncluding": "8.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the DoLBURPRequest function in libnldap in ndsd in Novell eDirectory 8.7.3.9 and earlier, and 8.8.1 and earlier in the 8.8.x series, allows remote attackers to cause a denial of service (daemon crash or CPU consumption) or execute arbitrary code via a long delRequest LDAP Extended Request message, probably involving a long Distinguished Name (DN) field."
},
{
"lang": "es",
"value": "El desbordamiento del b\u00fafer en la regi\u00f3n stack de la memoria en la funci\u00f3n DoLBURPRequest en libnldap en ndsd en Novell eDirectory versi\u00f3n 8.7.3.9 y anterior, y versi\u00f3n 8.8.1 y anterior en la serie 8.8.x, permite que los atacantes remotos causen una denegaci\u00f3n de servicio (bloque del demonio o consumo de CPU) o ejecute un c\u00f3digo arbitrario por medio de un largo mensaje de petici\u00f3n extendida delRequest LDAP, que probablemente incluya un campo largo Distinguished Name (DN)."
}
],
"evaluatorComment": "During analysis the following related page was found.\r\n\r\nhttp://www.zerodayinitiative.com/advisories/ZDI-08-013/",
"id": "CVE-2008-0924",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-03-28T18:44:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29476"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/490117/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/28434"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1019692"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/0987/references"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-013/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://secure-support.novell.com/KanisaPlatform/Publishing/411/3382120_f.SAL_Public.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29476"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/490117/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/28434"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1019692"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/0987/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-013/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://secure-support.novell.com/KanisaPlatform/Publishing/411/3382120_f.SAL_Public.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-10-24 20:07
Modified
2025-04-09 00:30
Severity ?
Summary
Heap-based buffer overflow in the NCP engine in Novell eDirectory before 8.8.1 FTF1 allows remote attackers to execute arbitrary code via a crafted NCP over IP packet that causes NCP to read more data than intended.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | edirectory | * | |
| novell | edirectory | 8.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:edirectory:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BA08E2FB-A21B-420E-B02E-111E66CD5515",
"versionEndIncluding": "8.8.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D7548D05-AD2B-46C3-9036-366585FFCB48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the NCP engine in Novell eDirectory before 8.8.1 FTF1 allows remote attackers to execute arbitrary code via a crafted NCP over IP packet that causes NCP to read more data than intended."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en mont\u00edculo en el motor NCP en Novell eDirectory anterior a 8.8.1 FTF1 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un paquete artesanal NCP sobre IP que provoca que NCP lea m\u00e1s informaci\u00f3n de la deseada."
}
],
"id": "CVE-2006-4177",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-10-24T20:07:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=426"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22506"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1017104"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974600.htm"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/20664"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/4142"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29768"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=426"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22506"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1017104"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974600.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/20664"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/4142"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29768"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Novell eDirectory 8.6.2 and 8.7 use case insensitive passwords, which makes it easier for remote attackers to conduct brute force password guessing.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://archives.neohapsis.com/archives/bugtraq/2002-05/0273.html | Broken Link | |
| cve@mitre.org | http://www.iss.net/security_center/static/9229.php | Broken Link | |
| cve@mitre.org | http://www.securityfocus.com/bid/4893 | Broken Link, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/bugtraq/2002-05/0273.html | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.iss.net/security_center/static/9229.php | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/4893 | Broken Link, Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | edirectory | 8.6.2 | |
| novell | edirectory | 8.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:edirectory:8.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "947699C3-D9DE-411A-99C0-44ADD1D2223A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "15F668C0-8420-4401-AB0F-479575596CF0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Novell eDirectory 8.6.2 and 8.7 use case insensitive passwords, which makes it easier for remote attackers to conduct brute force password guessing."
}
],
"id": "CVE-2002-2119",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2002-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-05/0273.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.iss.net/security_center/static/9229.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/4893"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-05/0273.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.iss.net/security_center/static/9229.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/4893"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-178"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-10-14 22:36
Modified
2025-04-09 00:30
Severity ?
Summary
Heap-based buffer overflow in dhost.exe in Novell eDirectory 8.x before 8.8.3, and 8.7.3 before 8.7.3.10 ftf1, allows remote attackers to execute arbitrary code via a crafted Netware Core Protocol opcode 0x24 message that triggers a calculation error that under-allocates a heap buffer.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | edirectory | * | |
| novell | edirectory | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:edirectory:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7DE174F7-A69B-4EDB-ADA0-588E815EEFCA",
"versionEndExcluding": "8.7.3.10",
"versionStartIncluding": "8.7.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0753F127-9985-465D-AC49-177E3585F817",
"versionEndExcluding": "8.8.3",
"versionStartIncluding": "8.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in dhost.exe in Novell eDirectory 8.x before 8.8.3, and 8.7.3 before 8.7.3.10 ftf1, allows remote attackers to execute arbitrary code via a crafted Netware Core Protocol opcode 0x24 message that triggers a calculation error that under-allocates a heap buffer."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en mont\u00edculo en Novell eDirectory v8.x anteriores a v8.8.3, y v8.7.3 anteriores a v8.7.3.10 ftf1, permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s del mensaje manipulado del \"opcode\" 0x024 en el \"Netware Core Protocol\", que provoca un error de calculo que desborda el b\u00fafer de mont\u00edculo."
}
],
"id": "CVE-2008-4480",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-10-14T22:36:58.617",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/32111"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://securityreason.com/securityalert/4404"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037180.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037181.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.novell.com/support/php/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=7001183\u0026sliceId=1\u0026docTypeID=DT_TID_1_1\u0026dialogID=78066829\u0026stateId=0%200%2078062953"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3477912"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/497169/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1020990"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2738"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-066/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/32111"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://securityreason.com/securityalert/4404"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037180.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037181.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.novell.com/support/php/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=7001183\u0026sliceId=1\u0026docTypeID=DT_TID_1_1\u0026dialogID=78066829\u0026stateId=0%200%2078062953"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3477912"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/497169/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1020990"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2738"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-066/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-12-19 18:59
Modified
2025-04-12 10:46
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in nds/search/data in iMonitor in Novell eDirectory before 8.8 SP8 Patch 4 allows remote attackers to inject arbitrary web script or HTML via the rdn parameter.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | edirectory | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:edirectory:*:sp8:*:*:*:*:*:*",
"matchCriteriaId": "ABAF78B2-9791-480F-8179-21E19B6CB6A8",
"versionEndIncluding": "8.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in nds/search/data in iMonitor in Novell eDirectory before 8.8 SP8 Patch 4 allows remote attackers to inject arbitrary web script or HTML via the rdn parameter."
},
{
"lang": "es",
"value": "Vulnerabilidad de XSS en nds/search/data en iMonitor de Novell eDirectory anterior a 8.8 SP8 Patch 4 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s del par\u00e1metro rdn."
}
],
"id": "CVE-2014-5212",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2014-12-19T18:59:00.057",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/534284"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1031408"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=904134"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.novell.com/support/kb/doc.php?id=3426981"
},
{
"source": "cve@mitre.org",
"url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20141219-0_NetIQ_eDirectory_iMonitor_XSS_Memory_Disclosure_v10.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/534284"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1031408"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=904134"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.novell.com/support/kb/doc.php?id=3426981"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20141219-0_NetIQ_eDirectory_iMonitor_XSS_Memory_Disclosure_v10.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-11-08 23:07
Modified
2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in Novell eDirectory allows remote attackers to execute arbitrary code, as demonstrated by vd_novell.pm, a "Novell eDirectory remote exploit." NOTE: As of 20061108, this disclosure has no actionable information. However, since it is from a reliable researcher, it is being assigned a CVE identifier for tracking purposes.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | edirectory | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:edirectory:*:*:*:*:*:*:*:*",
"matchCriteriaId": "598FC8C1-61F0-4597-B737-0428BBB66C31",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Novell eDirectory allows remote attackers to execute arbitrary code, as demonstrated by vd_novell.pm, a \"Novell eDirectory remote exploit.\" NOTE: As of 20061108, this disclosure has no actionable information. However, since it is from a reliable researcher, it is being assigned a CVE identifier for tracking purposes."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Novell eDirectory permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n, como ha sido demostrado por vd_novell.pm, un \"c\u00f3digo de explotaci\u00f3n (exploit) remoto para Novell eDirectory\". NOTA: a fecha de 8/11/2006, esta divulgaci\u00f3n no tiene informaci\u00f3n relevante. No obstante, puesto que procede de un investigador fiable, se le ha asignado un identificador CVE con fines de seguimiento."
}
],
"id": "CVE-2006-5814",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-11-08T23:07:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://gleg.net/vulndisco_meta.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://securitytracker.com/id?1017169"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30150"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://gleg.net/vulndisco_meta.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://securitytracker.com/id?1017169"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30150"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-02-26 18:30
Modified
2025-04-11 00:51
Severity ?
Summary
Stack-based buffer overflow in the dhost module in Novell eDirectory 8.8 SP5 for Windows allows remote authenticated users to execute arbitrary code via long sadminpwd and verifypwd parameters in a submit action to /dhost/httpstk.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | edirectory | 8.8 | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:sp5:*:*:*:*:*:*",
"matchCriteriaId": "2BD9DF51-3A90-4BC7-BC65-FBACF2F976E8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the dhost module in Novell eDirectory 8.8 SP5 for Windows allows remote authenticated users to execute arbitrary code via long sadminpwd and verifypwd parameters in a submit action to /dhost/httpstk."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en pila Novell eDirectory v8.8 SP5 para Windows, permite a atacantes remotos ayudados por el usuario ejecutar c\u00f3digo arbitrario a trav\u00e9s de los par\u00e1metros largos sadminpwd y verifypwd en una acci\u00f3n submit sobre /dhost/httpstk."
}
],
"id": "CVE-2009-4654",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-02-26T18:30:00.400",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://downloads.securityfocus.com/vulnerabilities/exploits/37042-2.pl"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://tcc.hellcode.net/advisories/hellcode-adv005.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://tcc.hellcode.net/sploitz/httpstk.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/507926/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/37042"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1023188"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54308"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://downloads.securityfocus.com/vulnerabilities/exploits/37042-2.pl"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://tcc.hellcode.net/advisories/hellcode-adv005.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://tcc.hellcode.net/sploitz/httpstk.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/507926/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/37042"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1023188"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54308"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-11-04 18:30
Modified
2025-04-09 00:30
Severity ?
Summary
The NDSD process in Novell eDirectory 8.7.3 before 8.7.3.10 ftf2 and eDirectory 8.8 before 8.8.5 ftf1 does not properly handle certain LDAP search requests, which allows remote attackers to cause a denial of service (application hang) via a search request with a NULL BaseDN value.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | edirectory | 8.7.3 | |
| novell | edirectory | 8.7.3 | |
| novell | edirectory | 8.7.3 | |
| novell | edirectory | 8.7.3 | |
| novell | edirectory | 8.7.3 | |
| novell | edirectory | 8.7.3 | |
| novell | edirectory | 8.7.3 | |
| novell | edirectory | 8.7.3 | |
| novell | edirectory | 8.7.3 | |
| novell | edirectory | 8.7.3.8 | |
| novell | edirectory | 8.7.3.9 | |
| novell | edirectory | 8.8 | |
| novell | edirectory | 8.8 | |
| novell | edirectory | 8.8 | |
| novell | edirectory | 8.8 | |
| novell | edirectory | 8.8 | |
| novell | edirectory | 8.8.1 | |
| novell | edirectory | 8.8.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "029ADE6D-6761-4196-847C-A0EFB3A06341",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp2:windows:*:*:*:*:*",
"matchCriteriaId": "15E2B599-2B96-4ED3-B2D9-E4D6909A1F26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp3:windows:*:*:*:*:*",
"matchCriteriaId": "9DAFE77C-4AB9-4865-B673-C32EAB3ABB75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp4:windows:*:*:*:*:*",
"matchCriteriaId": "5FC5947C-15F7-4BF0-9C0A-F2817F4BB7D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp5:windows:*:*:*:*:*",
"matchCriteriaId": "2A57D5D2-F490-4A33-AFAF-A66CE7988F0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp6:windows:*:*:*:*:*",
"matchCriteriaId": "1694F7CA-0E7B-4DC6-9B74-FCCE8B81F048",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp7:windows:*:*:*:*:*",
"matchCriteriaId": "042CF2E0-CE2C-4939-899A-F193127A28B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp8:windows:*:*:*:*:*",
"matchCriteriaId": "2A7E430B-DD25-4BE7-8495-B4FD8EB60F19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp9:windows:*:*:*:*:*",
"matchCriteriaId": "142A95E7-009C-4A54-AA04-97C7120C228E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9E8D4976-BAE9-4A83-9DF6-9436C54E8413",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A626A123-E33A-445F-93A2-8FA3B2E3E53A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D7548D05-AD2B-46C3-9036-366585FFCB48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:sp1:*:*:*:*:*:*",
"matchCriteriaId": "03D34570-657E-48D5-B778-9510C3D0FF7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:sp2:*:*:*:*:*:*",
"matchCriteriaId": "2EA7ED79-2E4E-4BE0-B167-31BB6311A506",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:sp3:*:*:*:*:*:*",
"matchCriteriaId": "FC9CE828-3461-4A32-8DD6-ED8BDA0298FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:sp4:*:*:*:*:*:*",
"matchCriteriaId": "A78EBF3A-4073-41D2-BD52-E598318D4996",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C13882AD-D700-4B95-9BB2-B3E0D104B227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FDCB14-9380-42C3-A6EE-3E6AEA3F52F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The NDSD process in Novell eDirectory 8.7.3 before 8.7.3.10 ftf2 and eDirectory 8.8 before 8.8.5 ftf1 does not properly handle certain LDAP search requests, which allows remote attackers to cause a denial of service (application hang) via a search request with a NULL BaseDN value."
},
{
"lang": "es",
"value": "El proceso NDSD en Novell eDirectory v8.7.3 anterior a v8.7.3.10 ftf2 y eDirectory v8.8 anterior a v8.8.5 ftf1 no maneja adecuadamente ciertas peticiones de b\u00fasqueda de LDAP, lo que permite a atacantes remoto provocar una denegaci\u00f3n de servicio (cuelgue de aplicaci\u00f3n) a trav\u00e9s de una petici\u00f3n de b\u00fasqueda con valor BaseDN NULL."
}
],
"evaluatorSolution": "Per: http://www.novell.com/support/viewContent.do?externalId=7004721\r\n\r\n\"Resolution\r\n\r\nThis vulnerability is resolved in eDirectory 8.8.5 ftf1 and eDirectory 8.7.3.10 ftf2.\r\n\r\nTo resolve this problem, apply eDirectory 8.8.5 ftf1 or newer for eDirectory 8.8.X and eDirectory 8.7.3.10 ftf2 for eDirectory 8.7.3.X. Patches are available at http://download.novell.com\"",
"id": "CVE-2009-3862",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-11-04T18:30:00.217",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=7004721"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/36902"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/3120"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-09-075/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=7004721"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/36902"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/3120"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-09-075/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-08-17 00:04
Modified
2025-04-03 01:03
Severity ?
Summary
The iManager in eMBoxClient.jar in Novell eDirectory 8.7.3.8 writes passwords in plaintext to a log file, which allows local users to obtain passwords by reading the file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | edirectory | 8.7.3.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9E8D4976-BAE9-4A83-9DF6-9436C54E8413",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The iManager in eMBoxClient.jar in Novell eDirectory 8.7.3.8 writes passwords in plaintext to a log file, which allows local users to obtain passwords by reading the file."
},
{
"lang": "es",
"value": "El iManager en eMBoxClient.jar en Novell eDirectory 8.7.3.8 escribe contrase\u00f1as en texto claro en un archivo de registro, lo que permite a usuarios locales obtener contrase\u00f1as leyendo el archivo."
}
],
"id": "CVE-2006-4186",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-08-17T00:04:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21496"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1016695"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2973826.htm"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/28370"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/19499"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1016695"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2973826.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/28370"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/19499"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-11-14 19:20
Modified
2025-04-09 00:30
Severity ?
Summary
Heap-based buffer overflow in the NDS Service in Novell eDirectory before 8.8 SP3 has unknown impact and attack vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:edirectory:*:*:*:*:*:*:*:*",
"matchCriteriaId": "598FC8C1-61F0-4597-B737-0428BBB66C31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:*:sp2:windows:*:*:*:*:*",
"matchCriteriaId": "61B5F31A-C109-4856-88B9-52FE3551B29D",
"versionEndIncluding": "8.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7562ADC4-0D01-4FC2-98F0-1F4041BDA52E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.5.12a:*:*:*:*:*:*:*",
"matchCriteriaId": "E1B83F84-D1EF-43B4-8620-3C1BCCE44553",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.5.27:*:*:*:*:*:*:*",
"matchCriteriaId": "41169D2F-4F16-466A-82E9-AD0735472B5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "947699C3-D9DE-411A-99C0-44ADD1D2223A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "15F668C0-8420-4401-AB0F-479575596CF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDCC7B6-34CA-4551-9833-306B93E517BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "6D69C160-39F7-48B8-B9A3-CC86690453C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "029ADE6D-6761-4196-847C-A0EFB3A06341",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp1:windows:*:*:*:*:*",
"matchCriteriaId": "5CD101DD-9655-4A83-8F79-59333D4DD672",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp2:windows:*:*:*:*:*",
"matchCriteriaId": "15E2B599-2B96-4ED3-B2D9-E4D6909A1F26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp3:windows:*:*:*:*:*",
"matchCriteriaId": "9DAFE77C-4AB9-4865-B673-C32EAB3ABB75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp4:windows:*:*:*:*:*",
"matchCriteriaId": "5FC5947C-15F7-4BF0-9C0A-F2817F4BB7D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp5:windows:*:*:*:*:*",
"matchCriteriaId": "2A57D5D2-F490-4A33-AFAF-A66CE7988F0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp6:windows:*:*:*:*:*",
"matchCriteriaId": "1694F7CA-0E7B-4DC6-9B74-FCCE8B81F048",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp7:windows:*:*:*:*:*",
"matchCriteriaId": "042CF2E0-CE2C-4939-899A-F193127A28B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp8:windows:*:*:*:*:*",
"matchCriteriaId": "2A7E430B-DD25-4BE7-8495-B4FD8EB60F19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp9:windows:*:*:*:*:*",
"matchCriteriaId": "142A95E7-009C-4A54-AA04-97C7120C228E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9E8D4976-BAE9-4A83-9DF6-9436C54E8413",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.8_presp9:*:*:*:*:*:*:*",
"matchCriteriaId": "D27AAA23-21E1-4C35-97FA-7F038E2C8923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A626A123-E33A-445F-93A2-8FA3B2E3E53A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.9:*:linux:*:*:*:*:*",
"matchCriteriaId": "6658D417-B666-400A-89BD-C74A84E4EC9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.9:*:solaris:*:*:*:*:*",
"matchCriteriaId": "A5286A48-E77F-4D5F-8B8C-D701B9DC1819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.9:*:windows_2000:*:*:*:*:*",
"matchCriteriaId": "A18AD730-2782-4BC3-8B2E-D35D29EBC699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.9:*:windows_2003:*:*:*:*:*",
"matchCriteriaId": "36699D76-090F-4ED3-9C02-A09EB68F5CB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "896C7671-E300-4E6D-86A3-D0DAF4168CC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D7548D05-AD2B-46C3-9036-366585FFCB48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:*:linux:*:*:*:*:*",
"matchCriteriaId": "9775274E-21A5-466E-B792-54F53ECCD8F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:*:solaris:*:*:*:*:*",
"matchCriteriaId": "1CE0CDA6-DFF5-45F7-A641-180AED4F074D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:*:windows_2000:*:*:*:*:*",
"matchCriteriaId": "B490E624-9A8E-4AD2-9B6F-BFDA431CD77D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:*:windows_2003:*:*:*:*:*",
"matchCriteriaId": "4747583B-125F-423F-863F-5CBC4CB46C9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C13882AD-D700-4B95-9BB2-B3E0D104B227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.1:*:linux:*:*:*:*:*",
"matchCriteriaId": "F2AD4208-DD3E-427E-ADF8-5C59C59EDC15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.1:*:solaris:*:*:*:*:*",
"matchCriteriaId": "BEE923F3-28AB-4C29-A920-F363F415CBE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.1:*:windows_2000:*:*:*:*:*",
"matchCriteriaId": "F4DB1610-FDB3-432C-8AD7-C667DCAA29D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.1:*:windows_2003:*:*:*:*:*",
"matchCriteriaId": "30ABEC83-326A-4888-BFC7-3A40BC2E2CAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FDCB14-9380-42C3-A6EE-3E6AEA3F52F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.2:*:linux:*:*:*:*:*",
"matchCriteriaId": "762D694C-7942-4265-BF99-1DE9F3BC9128",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.2:*:solaris:*:*:*:*:*",
"matchCriteriaId": "20851E26-511C-41B2-A3BF-4E4A083A73F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.2:*:windows_2000:*:*:*:*:*",
"matchCriteriaId": "57A9A26E-0FB6-4766-9C7E-CB82551BC9C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.2:*:windows_2003:*:*:*:*:*",
"matchCriteriaId": "7CD4DD41-AD88-4AB2-BAC2-2B59AECA16BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the NDS Service in Novell eDirectory before 8.8 SP3 has unknown impact and attack vectors."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en mont\u00edculo en el servicio NDS en Novell eDirectory versiones anteriores a v8.8 SP3 tiene un impacto y vectores de ataque desconocidos."
}
],
"id": "CVE-2008-5094",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-11-14T19:20:54.107",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/30947"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1020787"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/2462"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/30947"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1020787"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2462"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-02-26 18:30
Modified
2025-04-11 00:51
Severity ?
Summary
Stack-based buffer overflow in the dhost module in Novell eDirectory 8.8 SP5 for Windows allows remote authenticated users to cause a denial of service (dhost.exe crash) and possibly execute arbitrary code via a long string to /dhost/modules?I:.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | edirectory | 8.8 | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:sp5:*:*:*:*:*:*",
"matchCriteriaId": "2BD9DF51-3A90-4BC7-BC65-FBACF2F976E8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the dhost module in Novell eDirectory 8.8 SP5 for Windows allows remote authenticated users to cause a denial of service (dhost.exe crash) and possibly execute arbitrary code via a long string to /dhost/modules?I:."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en pila en el m\u00f3dulo dhost en Novell eDirectory v8.8 SP5 para Windows, permite a usuarios autenticados remotos a provocar una denegaci\u00f3n de servicio (caida de dhost.exe) y posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de una cadena larga sobre /dhost/modules?I:."
}
],
"id": "CVE-2009-4653",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-02-26T18:30:00.367",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/507812/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/37009"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54264"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/507812/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/37009"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54264"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-10-14 22:36
Modified
2025-04-09 00:30
Severity ?
Summary
Heap-based buffer overflow in dhost.exe in Novell eDirectory 8.8 before 8.8.3, and 8.7.3 before 8.7.3.10 ftf1, allows remote attackers to execute arbitrary code via a SOAP request with a long Accept-Language header.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | edirectory | * | |
| novell | edirectory | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:edirectory:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7DE174F7-A69B-4EDB-ADA0-588E815EEFCA",
"versionEndExcluding": "8.7.3.10",
"versionStartIncluding": "8.7.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0753F127-9985-465D-AC49-177E3585F817",
"versionEndExcluding": "8.8.3",
"versionStartIncluding": "8.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in dhost.exe in Novell eDirectory 8.8 before 8.8.3, and 8.7.3 before 8.7.3.10 ftf1, allows remote attackers to execute arbitrary code via a SOAP request with a long Accept-Language header."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en mont\u00edculo en dhost.exe de Novell eDirectory 8.8 anterior a 8.8.3 y 8.7.3 antes de 8.7.3.10 ftf1, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante una petici\u00f3n SOAP con una cabecera Accept-Language larga."
}
],
"id": "CVE-2008-4479",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-10-14T22:36:58.570",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/32111"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://securityreason.com/securityalert/4405"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037180.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037181.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.novell.com/support/php/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=7000086\u0026sliceId=1\u0026docTypeID=DT_TID_1_1\u0026dialogID=78066829\u0026stateId=0%200%2078062953"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/497164/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1020989"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2738"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-064"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/32111"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://securityreason.com/securityalert/4405"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037180.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037181.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.novell.com/support/php/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=7000086\u0026sliceId=1\u0026docTypeID=DT_TID_1_1\u0026dialogID=78066829\u0026stateId=0%200%2078062953"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/497164/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1020989"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2738"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-064"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-06-18 19:41
Modified
2025-04-09 00:30
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in the iMonitor interface in Novell eDirectory 8.7.3.x before 8.7.3 sp10, and 8.8.x before 8.8.2 ftf2, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters that are used within "error messages of the HTTP stack."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | edirectory | 8.7.3.9 | |
| novell | edirectory | 8.7.3.9 | |
| novell | edirectory | 8.7.3.9 | |
| novell | edirectory | 8.7.3.9 | |
| novell | edirectory | 8.8 | |
| novell | edirectory | 8.8 | |
| novell | edirectory | 8.8 | |
| novell | edirectory | 8.8 | |
| novell | edirectory | 8.8.1 | |
| novell | edirectory | 8.8.1 | |
| novell | edirectory | 8.8.1 | |
| novell | edirectory | 8.8.1 | |
| novell | edirectory | 8.8.2 | |
| novell | edirectory | 8.8.2 | |
| novell | edirectory | 8.8.2 | |
| novell | edirectory | 8.8.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.9:*:linux:*:*:*:*:*",
"matchCriteriaId": "6658D417-B666-400A-89BD-C74A84E4EC9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.9:*:solaris:*:*:*:*:*",
"matchCriteriaId": "A5286A48-E77F-4D5F-8B8C-D701B9DC1819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.9:*:windows_2000:*:*:*:*:*",
"matchCriteriaId": "A18AD730-2782-4BC3-8B2E-D35D29EBC699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.9:*:windows_2003:*:*:*:*:*",
"matchCriteriaId": "36699D76-090F-4ED3-9C02-A09EB68F5CB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:*:linux:*:*:*:*:*",
"matchCriteriaId": "9775274E-21A5-466E-B792-54F53ECCD8F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:*:solaris:*:*:*:*:*",
"matchCriteriaId": "1CE0CDA6-DFF5-45F7-A641-180AED4F074D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:*:windows_2000:*:*:*:*:*",
"matchCriteriaId": "B490E624-9A8E-4AD2-9B6F-BFDA431CD77D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:*:windows_2003:*:*:*:*:*",
"matchCriteriaId": "4747583B-125F-423F-863F-5CBC4CB46C9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.1:*:linux:*:*:*:*:*",
"matchCriteriaId": "F2AD4208-DD3E-427E-ADF8-5C59C59EDC15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.1:*:solaris:*:*:*:*:*",
"matchCriteriaId": "BEE923F3-28AB-4C29-A920-F363F415CBE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.1:*:windows_2000:*:*:*:*:*",
"matchCriteriaId": "F4DB1610-FDB3-432C-8AD7-C667DCAA29D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.1:*:windows_2003:*:*:*:*:*",
"matchCriteriaId": "30ABEC83-326A-4888-BFC7-3A40BC2E2CAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.2:*:linux:*:*:*:*:*",
"matchCriteriaId": "762D694C-7942-4265-BF99-1DE9F3BC9128",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.2:*:solaris:*:*:*:*:*",
"matchCriteriaId": "20851E26-511C-41B2-A3BF-4E4A083A73F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.2:*:windows_2000:*:*:*:*:*",
"matchCriteriaId": "57A9A26E-0FB6-4766-9C7E-CB82551BC9C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.2:*:windows_2003:*:*:*:*:*",
"matchCriteriaId": "7CD4DD41-AD88-4AB2-BAC2-2B59AECA16BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the iMonitor interface in Novell eDirectory 8.7.3.x before 8.7.3 sp10, and 8.8.x before 8.8.2 ftf2, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters that are used within \"error messages of the HTTP stack.\""
},
{
"lang": "es",
"value": "Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en el interfaz iMonitor de Novell eDirectory 8.7.3.x anterior a 8.7.3 sp10, y 8.8.x anterior a 8.8.2 ftf2; permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elecci\u00f3n a trav\u00e9s de par\u00e1metros no especificados que se utilizan en los \"mensajes de error de la pila HTTP\"."
}
],
"id": "CVE-2008-0925",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2008-06-18T19:41:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30748"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1020321"
},
{
"source": "cve@mitre.org",
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037180.html"
},
{
"source": "cve@mitre.org",
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037181.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/support/viewContent.do?externalId=3460217\u0026sliceId=1"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/29782"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/1863/references"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43151"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30748"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1020321"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037180.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037181.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/support/viewContent.do?externalId=3460217\u0026sliceId=1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/29782"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1863/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43151"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-03-23 06:59
Modified
2025-04-20 01:37
Severity ?
Summary
A security vulnerability in cookie handling in the http stack implementation in NDSD in Novell eDirectory before 9.0.1 allows remote attackers to bypass intended access restrictions by leveraging predictable cookies.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | edirectory | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:edirectory:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BBDF50B6-0B4C-4610-B5D6-6D96D3F1C78A",
"versionEndIncluding": "9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A security vulnerability in cookie handling in the http stack implementation in NDSD in Novell eDirectory before 9.0.1 allows remote attackers to bypass intended access restrictions by leveraging predictable cookies."
},
{
"lang": "es",
"value": "Una vulnerabilidad de seguridad en el manejo de cookies en la implementaci\u00f3n http en pila en NDSD en Novell eDirectory en versiones anteriores a 9.0.1 permite a atacantes remotos eludir las restricciones destinadas al acceso aprovechando cookies predecibles."
}
],
"id": "CVE-2016-5747",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-23T06:59:00.250",
"references": [
{
"source": "security@opentext.com",
"url": "https://www.novell.com/support/kb/doc.php?id=7016794"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.novell.com/support/kb/doc.php?id=7016794"
}
],
"sourceIdentifier": "security@opentext.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-11-08 23:07
Modified
2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in Novell eDirectory 8.8 allows attackers to cause a denial of service, as demonstrated by vd_novell3.pm, a "Novell eDirectory 8.8 DoS." NOTE: As of 20061108, this disclosure has no actionable information. However, since it is from a reliable researcher, it is being assigned a CVE identifier for tracking purposes.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | edirectory | 8.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D7548D05-AD2B-46C3-9036-366585FFCB48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Novell eDirectory 8.8 allows attackers to cause a denial of service, as demonstrated by vd_novell3.pm, a \"Novell eDirectory 8.8 DoS.\" NOTE: As of 20061108, this disclosure has no actionable information. However, since it is from a reliable researcher, it is being assigned a CVE identifier for tracking purposes."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Novell eDirectory 8.8 permite a atacantes provocar una denegaci\u00f3n de servicio, como ha sido demostrado por vd_novell3.pm, un \"ataque de denegaci\u00f3n de servicio para Novell eDirectory 8.8\". NOTA: a fecha de 8/11/2006, esta divulgaci\u00f3n no tiene informaci\u00f3n relevante. No obstante, puesto que procede de un investigador fiable, se le ha asignado un identificador CVE con fines de seguimiento."
}
],
"id": "CVE-2006-5813",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-11-08T23:07:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://gleg.net/vulndisco_meta.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1017169"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30149"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://gleg.net/vulndisco_meta.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1017169"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30149"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-07-14 20:30
Modified
2025-04-09 00:30
Severity ?
Summary
Off-by-one error in the iMonitor component in Novell eDirectory 8.8 SP3, 8.8 SP3 FTF3, and possibly other versions allows remote attackers to execute arbitrary code via an HTTP request with a crafted Accept-Language header, which triggers a stack-based buffer overflow.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | edirectory | 8.8 | |
| novell | edirectory | 8.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:sp3:*:*:*:*:*:*",
"matchCriteriaId": "FC9CE828-3461-4A32-8DD6-ED8BDA0298FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:sp3:ftf3:*:*:*:*:*",
"matchCriteriaId": "E263D9A0-CAC3-4009-9F5B-8EA7365B28AE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Off-by-one error in the iMonitor component in Novell eDirectory 8.8 SP3, 8.8 SP3 FTF3, and possibly other versions allows remote attackers to execute arbitrary code via an HTTP request with a crafted Accept-Language header, which triggers a stack-based buffer overflow."
},
{
"lang": "es",
"value": "Error de superaci\u00f3n de l\u00edmite en el componente iMonitor en Novell eDirectory v8.8 SP3, v8.8 SP3 FTF3, y posiblemente otras versiones permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de una petici\u00f3n HTTP con una cabecera Accept-Language manipulada, que provoca un desbordamiento de b\u00fafer basado en la pila."
}
],
"id": "CVE-2009-0192",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-07-14T20:30:00.187",
"references": [
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://osvdb.org/55847"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34160"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2009-13/"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securityfocus.com/archive/1/504924/100/0/threaded"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securityfocus.com/bid/35666"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1883"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51703"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/55847"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34160"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2009-13/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/504924/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/35666"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1883"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51703"
}
],
"sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-11-14 19:20
Modified
2025-04-09 00:30
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in the HTTP Protocol Stack (HTTPSTK) in Novell eDirectory before 8.8 SP3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:edirectory:*:*:*:*:*:*:*:*",
"matchCriteriaId": "598FC8C1-61F0-4597-B737-0428BBB66C31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:*:sp2:windows:*:*:*:*:*",
"matchCriteriaId": "61B5F31A-C109-4856-88B9-52FE3551B29D",
"versionEndIncluding": "8.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7562ADC4-0D01-4FC2-98F0-1F4041BDA52E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.5.12a:*:*:*:*:*:*:*",
"matchCriteriaId": "E1B83F84-D1EF-43B4-8620-3C1BCCE44553",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.5.27:*:*:*:*:*:*:*",
"matchCriteriaId": "41169D2F-4F16-466A-82E9-AD0735472B5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "947699C3-D9DE-411A-99C0-44ADD1D2223A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "15F668C0-8420-4401-AB0F-479575596CF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDCC7B6-34CA-4551-9833-306B93E517BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "6D69C160-39F7-48B8-B9A3-CC86690453C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "029ADE6D-6761-4196-847C-A0EFB3A06341",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp1:windows:*:*:*:*:*",
"matchCriteriaId": "5CD101DD-9655-4A83-8F79-59333D4DD672",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp2:windows:*:*:*:*:*",
"matchCriteriaId": "15E2B599-2B96-4ED3-B2D9-E4D6909A1F26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp3:windows:*:*:*:*:*",
"matchCriteriaId": "9DAFE77C-4AB9-4865-B673-C32EAB3ABB75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp4:windows:*:*:*:*:*",
"matchCriteriaId": "5FC5947C-15F7-4BF0-9C0A-F2817F4BB7D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp5:windows:*:*:*:*:*",
"matchCriteriaId": "2A57D5D2-F490-4A33-AFAF-A66CE7988F0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp6:windows:*:*:*:*:*",
"matchCriteriaId": "1694F7CA-0E7B-4DC6-9B74-FCCE8B81F048",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp7:windows:*:*:*:*:*",
"matchCriteriaId": "042CF2E0-CE2C-4939-899A-F193127A28B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp8:windows:*:*:*:*:*",
"matchCriteriaId": "2A7E430B-DD25-4BE7-8495-B4FD8EB60F19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp9:windows:*:*:*:*:*",
"matchCriteriaId": "142A95E7-009C-4A54-AA04-97C7120C228E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9E8D4976-BAE9-4A83-9DF6-9436C54E8413",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.8_presp9:*:*:*:*:*:*:*",
"matchCriteriaId": "D27AAA23-21E1-4C35-97FA-7F038E2C8923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A626A123-E33A-445F-93A2-8FA3B2E3E53A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.9:*:linux:*:*:*:*:*",
"matchCriteriaId": "6658D417-B666-400A-89BD-C74A84E4EC9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.9:*:solaris:*:*:*:*:*",
"matchCriteriaId": "A5286A48-E77F-4D5F-8B8C-D701B9DC1819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.9:*:windows_2000:*:*:*:*:*",
"matchCriteriaId": "A18AD730-2782-4BC3-8B2E-D35D29EBC699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.9:*:windows_2003:*:*:*:*:*",
"matchCriteriaId": "36699D76-090F-4ED3-9C02-A09EB68F5CB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "896C7671-E300-4E6D-86A3-D0DAF4168CC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D7548D05-AD2B-46C3-9036-366585FFCB48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:*:linux:*:*:*:*:*",
"matchCriteriaId": "9775274E-21A5-466E-B792-54F53ECCD8F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:*:solaris:*:*:*:*:*",
"matchCriteriaId": "1CE0CDA6-DFF5-45F7-A641-180AED4F074D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:*:windows_2000:*:*:*:*:*",
"matchCriteriaId": "B490E624-9A8E-4AD2-9B6F-BFDA431CD77D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:*:windows_2003:*:*:*:*:*",
"matchCriteriaId": "4747583B-125F-423F-863F-5CBC4CB46C9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C13882AD-D700-4B95-9BB2-B3E0D104B227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.1:*:linux:*:*:*:*:*",
"matchCriteriaId": "F2AD4208-DD3E-427E-ADF8-5C59C59EDC15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.1:*:solaris:*:*:*:*:*",
"matchCriteriaId": "BEE923F3-28AB-4C29-A920-F363F415CBE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.1:*:windows_2000:*:*:*:*:*",
"matchCriteriaId": "F4DB1610-FDB3-432C-8AD7-C667DCAA29D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.1:*:windows_2003:*:*:*:*:*",
"matchCriteriaId": "30ABEC83-326A-4888-BFC7-3A40BC2E2CAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FDCB14-9380-42C3-A6EE-3E6AEA3F52F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.2:*:linux:*:*:*:*:*",
"matchCriteriaId": "762D694C-7942-4265-BF99-1DE9F3BC9128",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.2:*:solaris:*:*:*:*:*",
"matchCriteriaId": "20851E26-511C-41B2-A3BF-4E4A083A73F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.2:*:windows_2000:*:*:*:*:*",
"matchCriteriaId": "57A9A26E-0FB6-4766-9C7E-CB82551BC9C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.2:*:windows_2003:*:*:*:*:*",
"matchCriteriaId": "7CD4DD41-AD88-4AB2-BAC2-2B59AECA16BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the HTTP Protocol Stack (HTTPSTK) in Novell eDirectory before 8.8 SP3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en el protocolo HTTP Stack (HTTPSTK) en Novell eDirectory versiones anteriores a v8.8 SP3 permite a atacantes remotos inyectar web script o HTML a trav\u00e9s de vectores deconocidos."
}
],
"id": "CVE-2008-5093",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2008-11-14T19:20:54.073",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/30947"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1020785"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/2462"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46667"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/30947"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1020785"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2462"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46667"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-11-23 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firewall_services_module:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2A9CB22A-21E0-46F6-B6CD-BB38A80FA7A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:firewall_services_module:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B9CAFC15-178C-4176-9668-D4A04B63E77B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:firewall_services_module:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3C8D6949-89F4-40EF-98F4-8D15628DC345",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:firewall_services_module:1.1_\\(3.005\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F3DB2AEE-FB5C-42B7-845B-EDA3E58D5D68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:firewall_services_module:2.1_\\(0.208\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6479D85C-1A12-486D-818C-6679F415CA26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:aaa_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "287CF5FA-D0EC-4FD7-9718-973587EF34DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:apache-based_web_server:2.0.43.00:*:*:*:*:*:*:*",
"matchCriteriaId": "C88168D4-7DB5-4720-8640-400BB680D0FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:apache-based_web_server:2.0.43.04:*:*:*:*:*:*:*",
"matchCriteriaId": "968915A1-375B-4C69-BE11-9A393F7F1B0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:clientless_vpn_gateway_4400:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "11465DCA-72E5-40E9-9D8E-B3CD470C47E9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_common_management_foundation:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3954D0D1-9FDF-47D0-9710-D0FB06955B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3D6712BD-DE8F-40F5-AC74-B9EFE9A50CFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:converged_communications_server:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E586558A-ABC3-42EB-8B4D-DC92A0D695E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg200:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2A4C5F60-B32D-4D85-BA28-AE11972ED614",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg200:4.31.29:*:*:*:*:*:*:*",
"matchCriteriaId": "6A5935C3-3D83-461F-BC26-E03362115C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg203:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "80AC523B-3106-46F2-B760-803DCF8061F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg203:4.31.29:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B8D6F3-D15D-489F-A807-17E63F4831F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg208:*:*:*:*:*:*:*:*",
"matchCriteriaId": "808189BA-197F-49CE-933E-A728F395749C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg208:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "32DCFA7B-7BBB-465A-A4AD-7E18EE3C02DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg5:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CC7EF0CD-EA39-457B-8E2E-9120B65A5835",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg5:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7BC2983F-5212-464B-AC21-8A897DEC1F58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg5:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EBF17989-D1F2-4B04-80BD-CFABDD482ABA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BF2D00AC-FA2A-4C39-B796-DC19072862CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E8BCD1C5-1AFC-4287-9AFD-81FB3F4F9E54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "441BE3A0-20F4-4972-B279-19B3DB5FA14D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.8:releng:*:*:*:*:*:*",
"matchCriteriaId": "2D33C6EF-DBE1-4943-83E4-1F10670DAC6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "00EAEA17-033A-4A50-8E39-D61154876D2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4EE93350-92E6-4F5C-A14C-9993CFFDBCD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:release:*:*:*:*:*:*",
"matchCriteriaId": "0D9F2B04-A1F2-4788-A53D-C8274A758DDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:releng:*:*:*:*:*:*",
"matchCriteriaId": "9A5309ED-D84F-4F52-9864-5B0FEEEE5022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7C441E-444B-4DF5-8491-86805C70FB99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.2.1:release:*:*:*:*:*:*",
"matchCriteriaId": "C9CCE8F3-84EE-4571-8AAA-BF2D132E9BD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:8.05:*:*:*:*:*:*:*",
"matchCriteriaId": "31B1ADC1-9B6D-4B5E-A05A-D69599A3A0D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "771931F7-9180-4EBD-8627-E1CF17D24647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD9BE2B-7255-4FC1-B452-E8370632B03F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.23:*:*:*:*:*:*:*",
"matchCriteriaId": "32310AFE-38CC-4C6C-AE13-54C18720F2C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AC46909F-DDFC-448B-BCDF-1EB343F96630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9496279F-AB43-4B53-81A6-87C651ABC4BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
"matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "038FEDE7-986F-4CA5-9003-BA68352B87D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:openserver:5.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1E140F76-D078-4F58-89CF-3278CDCB9AF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D9D76A8D-832B-411E-A458-186733C66010",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(11\\)e:*:*:*:*:*:*:*",
"matchCriteriaId": "580BA1FE-0826-47A7-8BD3-9225E0841EDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e:*:*:*:*:*:*:*",
"matchCriteriaId": "040B04CD-B891-4F19-A7CC-5C2D462FBD6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e12:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF29685-7FFC-4093-A1D4-21E4871AF5C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e14:*:*:*:*:*:*:*",
"matchCriteriaId": "E72872C9-63AF-417F-BFAE-92B4D350C006",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(13\\)e9:*:*:*:*:*:*:*",
"matchCriteriaId": "80BCF196-5E5A-4F31-BCE7-AA0C748CA922",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(19\\)e1:*:*:*:*:*:*:*",
"matchCriteriaId": "970939C5-1E6F-47B6-97E6-7B2C1E019985",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)sy:*:*:*:*:*:*:*",
"matchCriteriaId": "CD1F4148-E772-4708-8C1F-D67F969C11DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)sy1:*:*:*:*:*:*:*",
"matchCriteriaId": "3CEBCEF0-5982-4B30-8377-9CAC978A1CB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2sy:*:*:*:*:*:*:*",
"matchCriteriaId": "09458CD7-D430-4957-8506-FAB2A3E2AA65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2za:*:*:*:*:*:*:*",
"matchCriteriaId": "62626BB6-D4EA-4A8A-ABC1-F86B37F19EDB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:4d:webstar:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B87C95-4B34-4628-AD03-67D1DE13E097",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:webstar:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "758F95DB-E619-4B08-86FA-6CF2C1B0CBCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:webstar:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F04471C-732F-44EE-AD1B-6305C1DD7DDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:webstar:5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3499913B-5DCD-4115-8C7B-9E8AFF79DE5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:webstar:5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E237919A-416B-4039-AAD2-7FAE1F4E100D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:webstar:5.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "39149924-188C-40C1-B598-A9CD407C90DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:webstar:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "15D5780C-4E29-4BCA-A47E-29FF6EAF33FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:webstar:5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E6501108-5455-48FE-AA82-37AFA5D7EC24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:intuity_audix:*:*:lx:*:*:*:*:*",
"matchCriteriaId": "C1A3B951-A1F8-4291-82FA-AB7922D13ACE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:intuity_audix:5.1.46:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2E7C81-C0F5-4D36-9A23-03BE69295ED0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:intuity_audix:s3210:*:*:*:*:*:*:*",
"matchCriteriaId": "9D0EF4A3-2FE5-41E4-A764-30B379ECF081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:intuity_audix:s3400:*:*:*:*:*:*:*",
"matchCriteriaId": "CCF6D59E-8AEA-4380-B86B-0803B2202F16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:vsu:5:*:*:*:*:*:*:*",
"matchCriteriaId": "140ABF28-FA39-4D77-AEB2-304962ED48C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:vsu:5x:*:*:*:*:*:*:*",
"matchCriteriaId": "09473DD9-5114-44C5-B56C-6630FBEBCACB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:vsu:100_r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7ECD3A4-5A39-4222-8350-524F11D8FFB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:vsu:500:*:*:*:*:*:*:*",
"matchCriteriaId": "D36C140D-E80C-479A-ADA7-18E901549059",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:vsu:2000_r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "940712E9-B041-4B7F-BD02-7DD0AE596D65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:vsu:5000_r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "03B887A2-9025-4C5B-8901-71BC63BF5293",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:vsu:7500_r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "33264586-7160-4550-9FF9-4101D72F5C9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:vsu:10000_r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CE5E6521-0611-4473-82AC-21655F10FEC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:*:*:vsx-ng-ai:*:*:*:*:*",
"matchCriteriaId": "AA9A50A1-CA8C-4EE5-B68F-4958F6B4B028",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:2.0:*:gx:*:*:*:*:*",
"matchCriteriaId": "8C83ABA2-87CD-429B-9800-590F8256B064",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp0:*:*:*:*:*:*:*",
"matchCriteriaId": "A4D9A576-2878-4AC4-AC95-E69CB8A84A71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A1A0B02-CF33-401F-9AB2-D595E586C795",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp2:*:*:*:*:*:*:*",
"matchCriteriaId": "8C0EF3F0-B82E-45B7-8D05-05E76009F7A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "90FB3825-21A6-4DBE-8188-67672DBE01CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "80623E58-8B46-4559-89A4-C329AACF3CB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp2:*:*:*:*:*:*",
"matchCriteriaId": "AEE6C228-CD93-4636-868B-C19BC1674BE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp3:*:*:*:*:*:*",
"matchCriteriaId": "A645148C-AD0D-46C1-BEE3-10F5C9066279",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp4:*:*:*:*:*:*",
"matchCriteriaId": "0D69187C-7F46-4FF0-A8A0-0E1989EA79BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp0:*:*:*:*:*:*:*",
"matchCriteriaId": "4AE4A7EE-1BA3-46F1-BF4A-A72997EE0992",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp1:*:*:*:*:*:*:*",
"matchCriteriaId": "02029D75-FAF2-4842-9246-079C7DE36417",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp2:*:*:*:*:*:*:*",
"matchCriteriaId": "E0146341-364C-4085-A2E1-BC8C260FBA3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:vpn-1:vsx_ng_with_application_intelligence:*:*:*:*:*:*:*",
"matchCriteriaId": "B5EF01C8-1C8A-4BD1-A13B-CE31F09F9523",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:access_registrar:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8496E0D-2507-4C25-A122-0B846CBCA72A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_and_content_networking_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E383F2A-DFCF-47F8-94EE-3563D41EA597",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:css_secure_content_accelerator:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D2D87EF0-056E-4128-89EB-2803ED83DEE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:css_secure_content_accelerator:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BB3163C1-2044-44DA-9C88-076D75FDF1EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:css11000_content_services_switch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07E1B690-C58B-4C08-A757-F3DF451FDAAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:okena_stormwatch:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "31F0E14C-7681-4D1A-B982-A51E450B93A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:pix_firewall:6.2.2_.111:*:*:*:*:*:*:*",
"matchCriteriaId": "ECBC761F-A8F5-4CD8-B19C-5CE8FFC58FDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:threat_response:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF39E8B-C201-4940-81C9-14AF4C3DD4B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webns:6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "AC604680-2E9E-4DC4-ACDD-74D552A45BA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webns:6.10_b4:*:*:*:*:*:*:*",
"matchCriteriaId": "37A94436-D092-4C7E-B87B-63BC621EE82E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webns:7.1_0.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "862165CF-3CFB-4C6E-8238-86FA85F243C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webns:7.1_0.2.06:*:*:*:*:*:*:*",
"matchCriteriaId": "056F3336-BAA8-4A03-90B4-7B31710FC1B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webns:7.2_0.0.03:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDC2510-FBB9-429A-B6D4-10AB11F93960",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webns:7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5D45127E-A544-40A0-9D34-BD70D95C9772",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webns:7.10_.0.06s:*:*:*:*:*:*:*",
"matchCriteriaId": "56C69C3E-C895-45C8-8182-7BB412A0C828",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dell:bsafe_ssl-j:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A1FDD507-C38B-4C38-A54F-3DA6F07AD0B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dell:bsafe_ssl-j:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6F2B7AC2-CF08-4AC9-9A71-3A8130F9F9AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dell:bsafe_ssl-j:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4D9564B-B92E-4C97-87FF-B56D62DCA775",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:forcepoint:stonegate:1.5.17:*:*:*:*:*:*:*",
"matchCriteriaId": "FF2AD44D-3BE8-4541-B62D-9F01D46F8E6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:forcepoint:stonegate:1.5.18:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF2E08B-9046-41A1-BEDE-EB0B6436315C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:forcepoint:stonegate:1.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "811E1BE8-3868-49F8-B6E8-D5705559B02E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:forcepoint:stonegate:1.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D67C9DB4-E46C-4E84-82D9-AF48EFDAEFBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:forcepoint:stonegate:1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CF0E1BF0-6629-40DC-AB23-0256BABD0CB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:forcepoint:stonegate:1.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1AC4E7E5-FCC1-46B0-B69F-F1F6B36838ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:forcepoint:stonegate:1.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2C4AED89-F862-4071-8E94-481A59EDAE8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:forcepoint:stonegate:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7A3CB6FF-3840-4E80-A0A4-614D6686D2B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:forcepoint:stonegate:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "67010B0B-ECE7-4EE5-B103-05DC637E150F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:forcepoint:stonegate:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1355EF99-35FC-44A7-BC56-F7C0EA49BF0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:forcepoint:stonegate:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "6DDA8F10-B059-4403-A790-EFC8822588B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:forcepoint:stonegate:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A06BCD31-3FB6-468B-9BC9-EA573717B19F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:forcepoint:stonegate:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "360238CC-3BF5-4750-B16D-8A2E0257022E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:forcepoint:stonegate:2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "0C55C754-E213-4E79-AA7B-2CAF8A464388",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:forcepoint:stonegate:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "647BA524-5A79-408C-BBF2-5780BC522B64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:forcepoint:stonegate:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D599C49D-4D7D-4C44-9D8D-A3F76746BBA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:forcepoint:stonegate:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7B4DC717-0785-4C19-8A33-ACA5F378DF3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:forcepoint:stonegate:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "858843D3-84BB-48B6-80D1-1271AE60150D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:wbem:a.01.05.08:*:*:*:*:*:*:*",
"matchCriteriaId": "B931D4F8-23F5-4ABA-A457-959995D30C58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:wbem:a.02.00.00:*:*:*:*:*:*:*",
"matchCriteriaId": "BE6A023E-9C2A-487F-B5CE-674C766BFE75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:wbem:a.02.00.01:*:*:*:*:*:*:*",
"matchCriteriaId": "6A15ACA2-D500-4260-B51A-6FE6AB5A45A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A7B80E0-40BB-4B4E-9711-AF293A038DD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9EFCFFE8-9CAD-4A7F-9751-8627E6297C9F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D3653856-207E-46A7-92DD-D7F377F1829A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7E4627BB-0D75-44BC-989F-0E85C9FA0E2B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "19053434-F9E7-4839-AB5A-B226CC4616A5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.2:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D04CABBA-7BEB-44EC-A6E4-A31E41A62BD7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.2:rc2:*:*:*:*:*:*",
"matchCriteriaId": "8D15C938-4DAB-4011-80EE-A2663E20BFC1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C9C056ED-2492-4B1C-BCB9-4F36806C4A48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A72FC232-A2CB-443B-9A4A-8BBFEFE6517C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.3:-:*:*:*:*:*:*",
"matchCriteriaId": "BA347CD3-0619-4EA2-A736-B59EE9E3AC12",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.3:rc1:*:*:*:*:*:*",
"matchCriteriaId": "4ACEF29C-3225-43A7-9E07-FBCCF555887E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.3:rc2:*:*:*:*:*:*",
"matchCriteriaId": "46D932AF-FB1A-464D-BA3D-2DC2D3C187CD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.3:rc3:*:*:*:*:*:*",
"matchCriteriaId": "9F532860-9E26-45C3-9FB3-6B0888F1279A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A037FAA6-6D26-4496-BC67-03475B4D1155",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D3831DD3-E783-4200-8986-FDBF7DD9BA53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2909C9D5-3D8F-4C41-B0E7-A0C0B432C19A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E09436DF-E3C1-4C03-A3BE-73C4BC84BB7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "699764B6-0F86-4AB0-86A3-4F2E69AD820C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7562ADC4-0D01-4FC2-98F0-1F4041BDA52E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E6FAB588-BDBE-4A04-AB9E-4F700A3951F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.5.12a:*:*:*:*:*:*:*",
"matchCriteriaId": "E1B83F84-D1EF-43B4-8620-3C1BCCE44553",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.5.27:*:*:*:*:*:*:*",
"matchCriteriaId": "41169D2F-4F16-466A-82E9-AD0735472B5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "947699C3-D9DE-411A-99C0-44ADD1D2223A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "15F668C0-8420-4401-AB0F-479575596CF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDCC7B6-34CA-4551-9833-306B93E517BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "6D69C160-39F7-48B8-B9A3-CC86690453C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "166BF638-ABDC-4BB9-BD4E-2B22681AD9CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8FA6420B-9F6A-48F4-A445-12B60A320347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*",
"matchCriteriaId": "0FCA45CE-4127-47AD-BBA8-8A6DD83AE1C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA1CA40-7DB5-4DCA-97A8-9A8CF4FECECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*",
"matchCriteriaId": "180D07AE-C571-4DD6-837C-43E2A946007A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*",
"matchCriteriaId": "BA3E4D2A-6488-4F8B-A3CA-4161A10FA4DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*",
"matchCriteriaId": "90789533-C741-4B1C-A24B-2C77B9E4DE5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*",
"matchCriteriaId": "1520065B-46D7-48A4-B9D0-5B49F690C5B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*",
"matchCriteriaId": "5B76FE2D-FBE0-4A3B-A0EA-179332D74F0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*",
"matchCriteriaId": "2AA526B9-726A-49D5-B3CA-EBE2DA303CA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*",
"matchCriteriaId": "494E48E7-EF86-4860-9A53-94F6C313746E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*",
"matchCriteriaId": "45A518E8-21BE-4C5C-B425-410AB1208E9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*",
"matchCriteriaId": "9E3AB748-E463-445C-ABAB-4FEDDFD1878B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*",
"matchCriteriaId": "660E4B8D-AABA-4520-BC4D-CF8E76E07C05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*",
"matchCriteriaId": "85BFEED5-4941-41BB-93D1-CD5C2A41290E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*",
"matchCriteriaId": "78E79A05-64F3-4397-952C-A5BB950C967D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*",
"matchCriteriaId": "7F7C9E77-1EB2-4720-A8FD-23DC1C877D5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*",
"matchCriteriaId": "549BB01D-F322-4FE3-BDA2-4FEA8ED8568A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openssl:0.9.6-15:*:i386:*:*:*:*:*",
"matchCriteriaId": "09F3FB7B-0F68-49F3-A3B7-977A687A42E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openssl:0.9.6b-3:*:i386:*:*:*:*:*",
"matchCriteriaId": "088F2FF7-96E5-455E-A35B-D99F9854EC6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386:*:*:*:*:*",
"matchCriteriaId": "FFA721BF-1B2E-479F-BF25-02D441BF175B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386_dev:*:*:*:*:*",
"matchCriteriaId": "AFEDCE49-21CC-4168-818F-4C638EE3B077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386_perl:*:*:*:*:*",
"matchCriteriaId": "B7D18F9B-C0BE-4DE8-81F4-5BF56C00BF41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "26430687-409B-448F-934B-06AB937DDF63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:servercluster:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8F0F78F4-E81E-4C6B-AB73-D6AAE191060E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:servercluster:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DF1A5808-6D5D-48AD-9470-5A6510D17913",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:1_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C1E8990D-D9A0-4A71-9D87-EC047E01B0D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:1_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6DBCC172-6867-4DFD-AAEF-9BDB4DA21F46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C2F2BEEA-46BB-4718-B0F3-B4EC62B678A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8D09E11C-C5BB-409E-BB0D-7F351250419B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6B06A05D-AA31-441D-9FC2-3558648C3B7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_securitycluster:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C0886901-6F93-44C1-B774-84D7E5D9554C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_securitycluster:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3F203A80-7C1E-4A04-8E99-63525E176753",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_webcluster:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CA0A204C-158B-4014-A53C-75E0CD63E0DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_webcluster:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "085BA581-7DA5-4FA4-A888-351281FD0A7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tarantella:tarantella_enterprise:3.20:*:*:*:*:*:*:*",
"matchCriteriaId": "9519BCB2-B401-44CE-97F6-847BB36AE45F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tarantella:tarantella_enterprise:3.30:*:*:*:*:*:*:*",
"matchCriteriaId": "BBE573E8-DD94-4293-99AE-27B9067B3ED9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tarantella:tarantella_enterprise:3.40:*:*:*:*:*:*:*",
"matchCriteriaId": "D14413DA-5199-4282-9E22-D347E9D8E469",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:gsx_server:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "05CC5F49-0E9E-45D8-827D-A5940566DB25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:gsx_server:2.0.1_build_2129:*:*:*:*:*:*:*",
"matchCriteriaId": "5D94EE19-6CE9-4E02-8174-D9954CDBF02B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:gsx_server:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4E4BEE3-AE7B-4481-B724-2E644E18ACC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:gsx_server:2.5.1_build_5336:*:*:*:*:*:*:*",
"matchCriteriaId": "EAAB7052-E0B6-472E-920B-A0F0AEA25D6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:gsx_server:3.0_build_7592:*:*:*:*:*:*:*",
"matchCriteriaId": "8CE38F15-BD42-4171-8670-86AA8169A60C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8300:r2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "20C0BD87-CE4B-49D2-89BE-EF282C43AD72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8300:r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C3E6C4A8-59F4-43EE-8413-E95289037598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8500:r2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FE76357A-27E6-4D85-9AA0-1BB658C41568",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8500:r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C56C5FDB-24E2-479D-87CA-164CD28567D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8700:r2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AEF6C16F-8EDF-4A24-BFEF-6A304D654EEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8700:r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D982AE39-BB57-49E7-B5FE-5EF1ADE2F019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:bluecoat:proxysg:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B6CFEC9-0F8F-4CD4-ABD1-E6533F910F7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12DE5E22-DF93-46BE-85A3-D4E04379E901",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:content_services_switch_11500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BF28C435-C036-4507-8E3F-44E722F9974A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:gss_4480_global_site_selector:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDA957E2-ABF9-49B2-874F-3FC3060CE0B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:gss_4490_global_site_selector:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5F2CDFE7-6853-4A31-85C0-50C57A8D606A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:mds_9000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0F2ED90B-DDBA-49DE-AC78-20E7D77C8858",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:secure_content_accelerator:10000:*:*:*:*:*:*:*",
"matchCriteriaId": "408A9DB0-81EF-4186-B338-44954E67289B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5B0C5F92-7E93-4C3F-B22B-E6612A4D3E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.0.01:*:*:*:*:*:*:*",
"matchCriteriaId": "2D0DC4B4-9AD9-4AC8-BFA7-A3D209B5D089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.0.02:*:*:*:*:*:*:*",
"matchCriteriaId": "303362A5-9C3C-4C85-8C97-2AB12CE01BF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.0.03:*:*:*:*:*:*:*",
"matchCriteriaId": "FED22DC1-E06B-4511-B920-6DAB792262D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.0.04:*:*:*:*:*:*:*",
"matchCriteriaId": "4CE44CA7-4BC7-4C2B-948F-2ACABB91528B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F757B2A7-869F-4702-81EB-466317A79D61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "01F6E9A9-6C85-48DA-BC61-55F8EACCB59F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:sun:crypto_accelerator_4000:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "64AF1E33-4086-43E2-8F54-DA75A99D4B75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:bluecoat:cacheos_ca_sa:4.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "53D16F03-A4C7-4497-AB74-499F208FF059",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:bluecoat:cacheos_ca_sa:4.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "13A33EC1-836B-4C8C-AC18-B5BD4F90E612",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "58BE9C02-2A01-4F6F-A6BD-BC0173561E9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C558CED8-8342-46CB-9F52-580B626D320E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0F85D19E-6C26-429D-B876-F34238B9DAAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FEC7CCF7-CBC6-4EDC-8EDD-884DFFFBCC7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E5011A33-CD6D-4EFC-ACFD-E51C9AE726A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(4.101\\):*:*:*:*:*:*:*",
"matchCriteriaId": "09063867-0E64-4630-B35B-4CCA348E4DAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78F98CD7-A352-483C-9968-8FB2627A7CBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F97FE485-705F-4707-B6C6-0EF9E8A85D5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E2B925E8-D2C2-4E8C-AC21-0C422245C482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B9170562-872E-4C32-869C-B10FF35A925E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D0927A68-8BB2-4F03-8396-E9CACC158FC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "559DDBA3-2AF4-4A0C-B219-6779BA931F21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ED9D142A-DDC8-4BD6-8C22-F242C9C0B1ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5226C9CC-6933-4F10-B426-B47782C606FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "757DAE9A-B25D-4B8A-A41B-66C2897B537E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5E3DC170-E279-4725-B9EE-6840B5685CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(3.100\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8091EDA9-BD18-47F7-8CEC-E086238647C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6F867890-74A4-4892-B99A-27DB4603B873",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CE05B514-F094-4632-B25B-973F976F6409",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3392428D-1A85-4472-A276-C482A78E2CE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(3.102\\):*:*:*:*:*:*:*",
"matchCriteriaId": "40954985-16E6-4F37-B014-6A55166AE093",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(3.109\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0C097809-1FEF-4417-A201-42291CC29122",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read."
},
{
"lang": "es",
"value": "El c\u00f3digo que une SSL/TLS en OpenSSL 0.9.7a, 0.9.7b y 0.9.7c, usando Kerberos, no comprueba adecuadamente la longitud de los tickets de Kerberos, lo que permite que atacantes remotos provoquen una denegaci\u00f3n de servicio."
}
],
"id": "CVE-2004-0112",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-11-23T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://docs.info.apple.com/article.html?artnum=61798"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/11139"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200403-03.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.ciac.org/ciac/bulletins/o-101.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/484726"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.openssl.org/news/secadv_20040317.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-120.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-121.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9899"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.trustix.org/errata/2004/0012"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15508"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1049"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A928"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9580"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://docs.info.apple.com/article.html?artnum=61798"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/11139"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200403-03.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.ciac.org/ciac/bulletins/o-101.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/484726"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.openssl.org/news/secadv_20040317.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-120.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-121.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9899"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.trustix.org/errata/2004/0012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15508"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1049"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A928"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9580"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
"lastModified": "2007-03-14T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-03-23 06:59
Modified
2025-04-20 01:37
Severity ?
Summary
A missing X-Frame-Options header in the NDS Utility Monitor in NDSD in Novell eDirectory before 9.0.2 could be used by remote attackers for clickjacking.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | edirectory | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:edirectory:*:hotfix2:*:*:*:*:*:*",
"matchCriteriaId": "D55F5A25-28B0-425B-81D3-70B76D43635E",
"versionEndIncluding": "9.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A missing X-Frame-Options header in the NDS Utility Monitor in NDSD in Novell eDirectory before 9.0.2 could be used by remote attackers for clickjacking."
},
{
"lang": "es",
"value": "Una cabecera X-Frame-Options perdida en el NDS Utility Monitor en NDSD en Novell eDirectory en versiones anteriores a 9.0.2 podr\u00eda ser utilizada por atacantes remotos para clickjacking."
}
],
"id": "CVE-2016-9168",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-23T06:59:00.593",
"references": [
{
"source": "security@opentext.com",
"url": "http://www.securityfocus.com/bid/97320"
},
{
"source": "security@opentext.com",
"url": "https://www.novell.com/support/kb/doc.php?id=7016794"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/97320"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.novell.com/support/kb/doc.php?id=7016794"
}
],
"sourceIdentifier": "security@opentext.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-10-24 20:07
Modified
2025-04-09 00:30
Severity ?
Summary
Multiple stack-based buffer overflows in Novell eDirectory 8.8.x before 8.8.1 FTF1, and 8.x up to 8.7.3.8, and Novell NetMail before 3.52e FTF2, allow remote attackers to execute arbitrary code via (1) a long HTTP Host header, which triggers an overflow in the BuildRedirectURL function; or vectors related to a username containing a . (dot) character in the (2) SMTP, (3) POP, (4) IMAP, (5) HTTP, or (6) Networked Messaging Application Protocol (NMAP) Netmail services.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | edirectory | 8.0 | |
| novell | edirectory | 8.5 | |
| novell | edirectory | 8.5.12a | |
| novell | edirectory | 8.5.27 | |
| novell | edirectory | 8.6.2 | |
| novell | edirectory | 8.7 | |
| novell | edirectory | 8.7.1 | |
| novell | edirectory | 8.7.1 | |
| novell | edirectory | 8.7.3 | |
| novell | edirectory | 8.7.3.8_presp9 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:edirectory:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7562ADC4-0D01-4FC2-98F0-1F4041BDA52E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E6FAB588-BDBE-4A04-AB9E-4F700A3951F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.5.12a:*:*:*:*:*:*:*",
"matchCriteriaId": "E1B83F84-D1EF-43B4-8620-3C1BCCE44553",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.5.27:*:*:*:*:*:*:*",
"matchCriteriaId": "41169D2F-4F16-466A-82E9-AD0735472B5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "947699C3-D9DE-411A-99C0-44ADD1D2223A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "15F668C0-8420-4401-AB0F-479575596CF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDCC7B6-34CA-4551-9833-306B93E517BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "6D69C160-39F7-48B8-B9A3-CC86690453C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "029ADE6D-6761-4196-847C-A0EFB3A06341",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.8_presp9:*:*:*:*:*:*:*",
"matchCriteriaId": "D27AAA23-21E1-4C35-97FA-7F038E2C8923",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in Novell eDirectory 8.8.x before 8.8.1 FTF1, and 8.x up to 8.7.3.8, and Novell NetMail before 3.52e FTF2, allow remote attackers to execute arbitrary code via (1) a long HTTP Host header, which triggers an overflow in the BuildRedirectURL function; or vectors related to a username containing a . (dot) character in the (2) SMTP, (3) POP, (4) IMAP, (5) HTTP, or (6) Networked Messaging Application Protocol (NMAP) Netmail services."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer basado en pila en Novell eDirectory 8.8.x anterior a 8.8.1 FTF1, y 8.x hasta 8.7.3.8, y Novell NetMail anterior a 3.52e FTF2, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante (1) una cabecera HTTP Host larga, que provoca el desbordamiento en la funci\u00f3n BuildRedirectURL; o vectores relacionados con un nombre de usuario que contiene un car\u00e1cter . (punto) en los servicios Netmail (2) SMTP, (3) POP, (4) IMAP, (5) HTTP o (6) Networked Messaging Application Protocol (NMAP)."
}
],
"id": "CVE-2006-5478",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-10-24T20:07:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/050382.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/050388.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22519"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1017125"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1017141"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974600.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mnin.org/advisories/2006_novell_httpstk.pdf"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/support/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=3723994\u0026sliceId=SAL_Public\u0026dialogID=16776123\u0026stateId=1%200%202648401"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/449899/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/450017/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/450520/100/100/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/20655"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/20853"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/4141"
},
{
"source": "cve@mitre.org",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-035.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-036.html"
},
{
"source": "cve@mitre.org",
"url": "https://secure-support.novell.com/KanisaPlatform/Publishing/134/3096026_f.SAL_Public.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/050382.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/050388.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22519"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1017125"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1017141"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974600.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mnin.org/advisories/2006_novell_httpstk.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/support/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=3723994\u0026sliceId=SAL_Public\u0026dialogID=16776123\u0026stateId=1%200%202648401"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/449899/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/450017/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/450520/100/100/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/20655"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/20853"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/4141"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-035.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-036.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://secure-support.novell.com/KanisaPlatform/Publishing/134/3096026_f.SAL_Public.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-08-17 00:04
Modified
2025-04-03 01:03
Severity ?
Summary
Unspecified vulnerability in the NCPENGINE in Novell eDirectory 8.7.3.8 allows local users to cause a denial of service (CPU consumption) via unspecified vectors, as originally demonstrated using a Nessus scan.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | edirectory | 8.7 | |
| novell | edirectory | 8.7.1 | |
| novell | edirectory | 8.7.1 | |
| novell | edirectory | 8.7.3 | |
| novell | edirectory | 8.7.3.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "15F668C0-8420-4401-AB0F-479575596CF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDCC7B6-34CA-4551-9833-306B93E517BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "6D69C160-39F7-48B8-B9A3-CC86690453C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "029ADE6D-6761-4196-847C-A0EFB3A06341",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9E8D4976-BAE9-4A83-9DF6-9436C54E8413",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the NCPENGINE in Novell eDirectory 8.7.3.8 allows local users to cause a denial of service (CPU consumption) via unspecified vectors, as originally demonstrated using a Nessus scan."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el NCPENGINE de Novell eDirectory 8.7.3.8 permite a usuarios locales provocar una denegaci\u00f3n de servicio (agotamiento de CPU) a trav\u00e9s de vectores no especificados, como se ha demostrado originalmente utilizando un escaneo Nessus."
}
],
"evaluatorSolution": "This vulnerability is addressed in the following product release:\r\nNovell, eDirectory, 8.7.3 SP9",
"id": "CVE-2006-4185",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-08-17T00:04:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21496"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1016695"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2973826.htm"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/28369"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/19498"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1016695"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2973826.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/28369"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/19498"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-11-14 19:20
Modified
2025-04-09 00:30
Severity ?
Summary
Buffer overflow in the LDAP Service in Novell eDirectory 8.7.3 before SP10a and 8.8 before SP3 allows attackers to cause a denial of service (application crash) via vectors involving an "invalid extensibleMatch filter."
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:edirectory:*:sp2:windows:*:*:*:*:*",
"matchCriteriaId": "61B5F31A-C109-4856-88B9-52FE3551B29D",
"versionEndIncluding": "8.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7562ADC4-0D01-4FC2-98F0-1F4041BDA52E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E6FAB588-BDBE-4A04-AB9E-4F700A3951F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.5.12a:*:*:*:*:*:*:*",
"matchCriteriaId": "E1B83F84-D1EF-43B4-8620-3C1BCCE44553",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.5.27:*:*:*:*:*:*:*",
"matchCriteriaId": "41169D2F-4F16-466A-82E9-AD0735472B5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "947699C3-D9DE-411A-99C0-44ADD1D2223A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "15F668C0-8420-4401-AB0F-479575596CF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDCC7B6-34CA-4551-9833-306B93E517BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "6D69C160-39F7-48B8-B9A3-CC86690453C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "029ADE6D-6761-4196-847C-A0EFB3A06341",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp1:windows:*:*:*:*:*",
"matchCriteriaId": "5CD101DD-9655-4A83-8F79-59333D4DD672",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp2:windows:*:*:*:*:*",
"matchCriteriaId": "15E2B599-2B96-4ED3-B2D9-E4D6909A1F26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp3:windows:*:*:*:*:*",
"matchCriteriaId": "9DAFE77C-4AB9-4865-B673-C32EAB3ABB75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp4:windows:*:*:*:*:*",
"matchCriteriaId": "5FC5947C-15F7-4BF0-9C0A-F2817F4BB7D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp6:windows:*:*:*:*:*",
"matchCriteriaId": "1694F7CA-0E7B-4DC6-9B74-FCCE8B81F048",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp7:windows:*:*:*:*:*",
"matchCriteriaId": "042CF2E0-CE2C-4939-899A-F193127A28B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp8:windows:*:*:*:*:*",
"matchCriteriaId": "2A7E430B-DD25-4BE7-8495-B4FD8EB60F19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp9:windows:*:*:*:*:*",
"matchCriteriaId": "142A95E7-009C-4A54-AA04-97C7120C228E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9E8D4976-BAE9-4A83-9DF6-9436C54E8413",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.8_presp9:*:*:*:*:*:*:*",
"matchCriteriaId": "D27AAA23-21E1-4C35-97FA-7F038E2C8923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A626A123-E33A-445F-93A2-8FA3B2E3E53A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.9:*:linux:*:*:*:*:*",
"matchCriteriaId": "6658D417-B666-400A-89BD-C74A84E4EC9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.9:*:solaris:*:*:*:*:*",
"matchCriteriaId": "A5286A48-E77F-4D5F-8B8C-D701B9DC1819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.9:*:windows_2000:*:*:*:*:*",
"matchCriteriaId": "A18AD730-2782-4BC3-8B2E-D35D29EBC699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.9:*:windows_2003:*:*:*:*:*",
"matchCriteriaId": "36699D76-090F-4ED3-9C02-A09EB68F5CB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "896C7671-E300-4E6D-86A3-D0DAF4168CC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D7548D05-AD2B-46C3-9036-366585FFCB48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:*:linux:*:*:*:*:*",
"matchCriteriaId": "9775274E-21A5-466E-B792-54F53ECCD8F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:*:solaris:*:*:*:*:*",
"matchCriteriaId": "1CE0CDA6-DFF5-45F7-A641-180AED4F074D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:*:windows_2000:*:*:*:*:*",
"matchCriteriaId": "B490E624-9A8E-4AD2-9B6F-BFDA431CD77D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:*:windows_2003:*:*:*:*:*",
"matchCriteriaId": "4747583B-125F-423F-863F-5CBC4CB46C9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C13882AD-D700-4B95-9BB2-B3E0D104B227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.1:*:linux:*:*:*:*:*",
"matchCriteriaId": "F2AD4208-DD3E-427E-ADF8-5C59C59EDC15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.1:*:solaris:*:*:*:*:*",
"matchCriteriaId": "BEE923F3-28AB-4C29-A920-F363F415CBE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.1:*:windows_2000:*:*:*:*:*",
"matchCriteriaId": "F4DB1610-FDB3-432C-8AD7-C667DCAA29D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.1:*:windows_2003:*:*:*:*:*",
"matchCriteriaId": "30ABEC83-326A-4888-BFC7-3A40BC2E2CAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FDCB14-9380-42C3-A6EE-3E6AEA3F52F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.2:*:linux:*:*:*:*:*",
"matchCriteriaId": "762D694C-7942-4265-BF99-1DE9F3BC9128",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.2:*:solaris:*:*:*:*:*",
"matchCriteriaId": "20851E26-511C-41B2-A3BF-4E4A083A73F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.2:*:windows_2000:*:*:*:*:*",
"matchCriteriaId": "57A9A26E-0FB6-4766-9C7E-CB82551BC9C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.2:*:windows_2003:*:*:*:*:*",
"matchCriteriaId": "7CD4DD41-AD88-4AB2-BAC2-2B59AECA16BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the LDAP Service in Novell eDirectory 8.7.3 before SP10a and 8.8 before SP3 allows attackers to cause a denial of service (application crash) via vectors involving an \"invalid extensibleMatch filter.\""
},
{
"lang": "es",
"value": "Un desbordamiento de b\u00fafer en el Servicio LDAP en eDirectory de Novell versiones 8.7.3 anteriores a SP10a y versiones 8.8 anteriores a SP3, permite a los atacantes causar una denegaci\u00f3n de servicio (bloqueo de aplicaci\u00f3n) por medio de vectores que implica un \"invalid extensibleMatch filter\"."
}
],
"id": "CVE-2008-5091",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-11-14T19:20:54.027",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.novell.com/documentation/edir873/sp10_readme/netware/readme.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/support/viewContent.do?externalId=3477912"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/30947"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1020788"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/2462"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=373853"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43590"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.novell.com/documentation/edir873/sp10_readme/netware/readme.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/support/viewContent.do?externalId=3477912"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/30947"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1020788"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2462"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=373853"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43590"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-06-12 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Novell eDirectory 8.7.3 allows remote attackers to cause a denial of service (application crash) via a URL containing an MS-DOS device name such as AUX, CON, PRN, COM1, or LPT1.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | edirectory | 8.7.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "029ADE6D-6761-4196-847C-A0EFB3A06341",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Novell eDirectory 8.7.3 allows remote attackers to cause a denial of service (application crash) via a URL containing an MS-DOS device name such as AUX, CON, PRN, COM1, or LPT1."
}
],
"id": "CVE-2005-1729",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-06-12T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-June/034536.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/15676"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1014177"
},
{
"source": "cve@mitre.org",
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10097766.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cirt.dk/advisories/cirt-33-advisory.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-June/034536.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/15676"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1014177"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10097766.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cirt.dk/advisories/cirt-33-advisory.pdf"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-08-12 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in dhost.exe in iMonitor for Novell eDirectory 8.7.3 on Windows allows attackers to cause a denial of service (crash) and obtain access to files via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | edirectory | 8.7.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "029ADE6D-6761-4196-847C-A0EFB3A06341",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in dhost.exe in iMonitor for Novell eDirectory 8.7.3 on Windows allows attackers to cause a denial of service (crash) and obtain access to files via unknown vectors."
}
],
"id": "CVE-2005-2551",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-08-12T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/16393"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1014661"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10098568.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2972038.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/213165"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/14548"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/16393"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1014661"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10098568.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2972038.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/213165"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/14548"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-11-12 21:09
Modified
2025-04-09 00:30
Severity ?
Summary
Use-after-free vulnerability in the NetWare Core Protocol (NCP) feature in Novell eDirectory 8.7.3 SP10 before 8.7.3 SP10 FTF1 and 8.8 SP2 for Windows allows remote attackers to cause a denial of service and possibly execute arbitrary code via a sequence of "Get NCP Extension Information By Name" requests that cause one thread to operate on memory after it has been freed in another thread, which triggers memory corruption, aka Novell Bug 373852.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | edirectory | * | |
| novell | edirectory | 8.7.3 | |
| novell | edirectory | 8.7.3 | |
| novell | edirectory | 8.7.3 | |
| novell | edirectory | 8.7.3 | |
| novell | edirectory | 8.7.3 | |
| novell | edirectory | 8.7.3 | |
| novell | edirectory | 8.7.3 | |
| novell | edirectory | 8.7.3 | |
| novell | edirectory | 8.7.3 | |
| novell | edirectory | 8.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:edirectory:*:*:*:*:*:*:*:*",
"matchCriteriaId": "069FE430-EFDA-40B2-8775-52130BC609D3",
"versionEndExcluding": "8.7.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp1:*:*:*:windows:*:*",
"matchCriteriaId": "4CC3E9C7-F5B1-4B68-AE32-BDE725E4C69C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp2:*:*:*:windows:*:*",
"matchCriteriaId": "1959434F-9887-43A7-BCE3-E83B2B85332A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp3:*:*:*:windows:*:*",
"matchCriteriaId": "BC6D86F1-7C4B-4D4F-9434-667B8A3B68F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp4:*:*:*:windows:*:*",
"matchCriteriaId": "B5AFAE6C-E1EA-4B8D-98A3-DF1EC8D97D34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp5:*:*:*:windows:*:*",
"matchCriteriaId": "3FDA680E-0549-43F9-B4A5-A983743370B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp6:*:*:*:windows:*:*",
"matchCriteriaId": "26A68A9C-D888-4535-BBFF-0465EC573319",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp7:*:*:*:windows:*:*",
"matchCriteriaId": "8967E2BF-9C16-4328-BA7D-76EC6B43B3AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp8:*:*:*:windows:*:*",
"matchCriteriaId": "99BBADD0-FB28-4665-90BD-DA02EB05CB6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp9:*:*:*:windows:*:*",
"matchCriteriaId": "DDBA1FE5-7C01-44F9-9E9C-12C29CAB5A66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:-:*:*:*:windows:*:*",
"matchCriteriaId": "C3C6B247-7DE0-4B2F-BE11-EF4CEED803F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in the NetWare Core Protocol (NCP) feature in Novell eDirectory 8.7.3 SP10 before 8.7.3 SP10 FTF1 and 8.8 SP2 for Windows allows remote attackers to cause a denial of service and possibly execute arbitrary code via a sequence of \"Get NCP Extension Information By Name\" requests that cause one thread to operate on memory after it has been freed in another thread, which triggers memory corruption, aka Novell Bug 373852."
},
{
"lang": "es",
"value": "Una vulnerabilidad de uso de memoria previamente liberada en la funcionalidad NetWare Core Protocol (NCP) en Novell eDirectory versiones 8.7.3 SP10 anteriores a 8.7.3 SP10 FTF1 y versi\u00f3n 8.8 SP2 para Windows, permite a los atacantes remotos causar una denegaci\u00f3n de servicio y posiblemente ejecutar c\u00f3digo arbitrario por medio de una secuencia de peticiones de \"Get NCP Extension Information By Name\" que causan que un hilo (subproceso) opere en memoria despu\u00e9s de que se haya liberado en otro hilo (subproceso), lo que desencadena una corrupci\u00f3n de memoria, tambi\u00e9n se conoce como Novell Bug 373852."
}
],
"id": "CVE-2008-5038",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2008-11-12T21:09:03.050",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=748"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/48206"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32395"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037180.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Patch"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037181.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/31956"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1021117"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2937"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46138"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=748"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/48206"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32395"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037180.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Patch"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037181.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/31956"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1021117"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2937"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46138"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-04-14 16:05
Modified
2025-04-09 00:30
Severity ?
Summary
dhost.exe in Novell eDirectory 8.7.3 before sp10 and 8.8.2 allows remote attackers to cause a denial of service (CPU consumption) via an HTTP request with (1) multiple Connection headers or (2) a Connection header with multiple comma-separated values. NOTE: this might be similar to CVE-2008-1777.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | edirectory | * | |
| novell | edirectory | * | |
| microsoft | windows-nt | 2000 | |
| microsoft | windows-nt | 2003 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:edirectory:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5B50CE5C-1108-405A-8FE9-C12542F774A2",
"versionEndIncluding": "8.7.3.9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:novell:edirectory:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4CC8C64B-A5E6-4022-B55A-F2E80AB3D8F3",
"versionEndExcluding": "8.8.2",
"versionStartIncluding": "8.8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows-nt:2000:*:*:*:*:*:*:*",
"matchCriteriaId": "4EA9CCBA-D930-4EC2-9C51-C44B52A2B69F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows-nt:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "CADAB8CD-9972-4535-9963-80A3EDB57925",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "dhost.exe in Novell eDirectory 8.7.3 before sp10 and 8.8.2 allows remote attackers to cause a denial of service (CPU consumption) via an HTTP request with (1) multiple Connection headers or (2) a Connection header with multiple comma-separated values. NOTE: this might be similar to CVE-2008-1777."
},
{
"lang": "es",
"value": "El archivo dhost.exe en Novell eDirectory versi\u00f3n 8.7.3 anterior a las versiones sp10 y 8.8.2 permite a los atacantes remotos provocar una denegaci\u00f3n de servicio (consumo de CPU) por medio de una petici\u00f3n HTTP con (1) varios encabezados de conexi\u00f3n o (2) un encabezado de conexi\u00f3n con varios valores separados por comas. NOTA: esta vulnerabilidad podr\u00eda ser similar a CVE-2008-1777."
}
],
"id": "CVE-2008-0927",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-04-14T16:05:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/29805"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3829452\u0026sliceId=1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/491622/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/28757"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1019836"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/1217/references"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41787"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/5547"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/29805"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3829452\u0026sliceId=1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/491622/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/28757"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1019836"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/1217/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41787"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/5547"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-27 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
Novell iManager 2.7 before SP7 Patch 9, NetIQ iManager 3.x before 3.0.2.1, Novell eDirectory 8.8.x before 8.8 SP8 Patch 9 Hotfix 2, and NetIQ eDirectory 9.x before 9.0.2 Hotfix 2 (9.0.2.2) use the deprecated MD5 hashing algorithm in a communications certificate.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netiq | edirectory | 9.0 | |
| netiq | edirectory | 9.0.1 | |
| netiq | edirectory | 9.0.2 | |
| netiq | imanager | 3.0 | |
| netiq | imanager | 3.0.1 | |
| netiq | imanager | 3.0.2 | |
| novell | edirectory | * | |
| novell | imanager | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netiq:edirectory:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1822596B-5F37-4788-A596-32C994A4F39F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netiq:edirectory:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9D4F31E6-C304-43F0-997A-1DE23CD043CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netiq:edirectory:9.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6B970239-2775-4377-AB77-6575F4EA6C4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netiq:imanager:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5D3D7F7B-CF13-4729-BDC8-FA7C25EB0856",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netiq:imanager:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8B44FED3-A5D0-4F0D-AD4F-329152057627",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netiq:imanager:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8A555C67-FE51-414D-B93A-42DEC732EAAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:*:sp8_patch9:*:*:*:*:*:*",
"matchCriteriaId": "445EEDC7-BA29-44DF-88D6-205F16D3D68B",
"versionEndIncluding": "8.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:*:sp7_patch8:*:*:*:*:*:*",
"matchCriteriaId": "9E43BD48-BFE5-49E4-AFD4-0B15A2FEA59A",
"versionEndIncluding": "2.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Novell iManager 2.7 before SP7 Patch 9, NetIQ iManager 3.x before 3.0.2.1, Novell eDirectory 8.8.x before 8.8 SP8 Patch 9 Hotfix 2, and NetIQ eDirectory 9.x before 9.0.2 Hotfix 2 (9.0.2.2) use the deprecated MD5 hashing algorithm in a communications certificate."
},
{
"lang": "es",
"value": "Novell iManager versi\u00f3n 2.7 anterior a SP7 Patch 9, Novell eDirectory 8.8.x anterior a 8.8 SP8 Patch 9 Hotfix 2, NetIQ eDirectory 9.x anterior a 9.0.2 Hotfix 2 (9.0.2.2) y NetIQ iManager 3.x anterior a 3.0.2.1 usan el algoritmo de hashing MD5 en un certificado para comunicaciones."
}
],
"id": "CVE-2017-5186",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-27T14:59:00.263",
"references": [
{
"source": "security@opentext.com",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1019041"
},
{
"source": "security@opentext.com",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1019789"
},
{
"source": "security@opentext.com",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=988749"
},
{
"source": "security@opentext.com",
"url": "https://www.novell.com/support/kb/doc.php?id=3426981"
},
{
"source": "security@opentext.com",
"url": "https://www.novell.com/support/kb/doc.php?id=7010166"
},
{
"source": "security@opentext.com",
"url": "https://www.novell.com/support/kb/doc.php?id=7016794"
},
{
"source": "security@opentext.com",
"url": "https://www.novell.com/support/kb/doc.php?id=7016795"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1019041"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1019789"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=988749"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.novell.com/support/kb/doc.php?id=3426981"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.novell.com/support/kb/doc.php?id=7010166"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.novell.com/support/kb/doc.php?id=7016794"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.novell.com/support/kb/doc.php?id=7016795"
}
],
"sourceIdentifier": "security@opentext.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-327"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-02-10 18:00
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in the NCP service in Novell eDirectory 8.8.5 before 8.8.5.6 and 8.8.6 before 8.8.6.2 allows remote attackers to cause a denial of service (hang) via a malformed FileSetLock request to port 524.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | edirectory | 8.8.5 | |
| novell | edirectory | 8.8.6 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F40F0E7D-5731-4D55-8BFC-0E39EDCE9366",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "751F9C0C-8685-4D40-A8B5-AA7BCBFBE785",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the NCP service in Novell eDirectory 8.8.5 before 8.8.5.6 and 8.8.6 before 8.8.6.2 allows remote attackers to cause a denial of service (hang) via a malformed FileSetLock request to port 524."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el servicio NPC en Novell eDirectory v8.8.5 anterior a v8.8.5.6 y v8.8.6 anterior a v8.8.6.2, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (cuelgue) a trav\u00e9s de una petici\u00f3n FileSetLock mal formada al puerto 524."
}
],
"id": "CVE-2010-4327",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-02-10T18:00:54.973",
"references": [
{
"source": "cve@mitre.org",
"url": "http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-novell"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43186"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/8071"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=7007781\u0026sliceId=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/516279/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/46263"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0305"
},
{
"source": "cve@mitre.org",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-060"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-novell"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43186"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/8071"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=7007781\u0026sliceId=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/516279/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/46263"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0305"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-060"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-03-28 18:44
Modified
2025-04-09 00:30
Severity ?
Summary
The SOAP interface to the eMBox module in Novell eDirectory 8.7.3.9 and earlier, and 8.8.x before 8.8.2, relies on client-side authentication, which allows remote attackers to bypass authentication via requests for /SOAP URIs, and cause a denial of service (daemon shutdown) or read arbitrary files. NOTE: it was later reported that 8.7.3.10 (aka 8.7.3 SP10) is also affected.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | edirectory | * | |
| novell | edirectory | 8.5 | |
| novell | edirectory | 8.5.12a | |
| novell | edirectory | 8.5.27 | |
| novell | edirectory | 8.6.2 | |
| novell | edirectory | 8.7 | |
| novell | edirectory | 8.7.1 | |
| novell | edirectory | 8.7.1 | |
| novell | edirectory | 8.7.3 | |
| novell | edirectory | 8.7.3.8 | |
| novell | edirectory | 8.7.3.8_presp9 | |
| novell | edirectory | 8.7.3.9 | |
| novell | edirectory | 8.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:edirectory:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ABCFB5DD-D24D-4C3B-9188-C264D9AC0B93",
"versionEndIncluding": "8.7.3.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E6FAB588-BDBE-4A04-AB9E-4F700A3951F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.5.12a:*:*:*:*:*:*:*",
"matchCriteriaId": "E1B83F84-D1EF-43B4-8620-3C1BCCE44553",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.5.27:*:*:*:*:*:*:*",
"matchCriteriaId": "41169D2F-4F16-466A-82E9-AD0735472B5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "947699C3-D9DE-411A-99C0-44ADD1D2223A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "15F668C0-8420-4401-AB0F-479575596CF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDCC7B6-34CA-4551-9833-306B93E517BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "6D69C160-39F7-48B8-B9A3-CC86690453C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "029ADE6D-6761-4196-847C-A0EFB3A06341",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9E8D4976-BAE9-4A83-9DF6-9436C54E8413",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.8_presp9:*:*:*:*:*:*:*",
"matchCriteriaId": "D27AAA23-21E1-4C35-97FA-7F038E2C8923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A626A123-E33A-445F-93A2-8FA3B2E3E53A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D7548D05-AD2B-46C3-9036-366585FFCB48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The SOAP interface to the eMBox module in Novell eDirectory 8.7.3.9 and earlier, and 8.8.x before 8.8.2, relies on client-side authentication, which allows remote attackers to bypass authentication via requests for /SOAP URIs, and cause a denial of service (daemon shutdown) or read arbitrary files. NOTE: it was later reported that 8.7.3.10 (aka 8.7.3 SP10) is also affected."
},
{
"lang": "es",
"value": "La interfaz SOAP en el m\u00f3dulo eMBox en Novell eDirectory versi\u00f3n 8.7.3.9 y anteriores, y versiones 8.8.x anteriores a 8.8.2, depende de la autenticaci\u00f3n del lado del cliente, que permite a los atacantes remotos omitir la autenticaci\u00f3n por medio de peticiones para los URI /SOAP y causar una denegaci\u00f3n de servicio (apagado del demonio) o leer archivos arbitrarios. NOTA: m\u00e1s tarde se report\u00f3 que la versi\u00f3n 8.7.3.10 (tambi\u00e9n se conoce como versi\u00f3n 8.7.3 SP10) tambi\u00e9n est\u00e1 afectada."
}
],
"id": "CVE-2008-0926",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-03-28T18:44:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29527"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/491621/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/28441"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1019691"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/0988/references"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41426"
},
{
"source": "cve@mitre.org",
"url": "https://secure-support.novell.com/KanisaPlatform/Publishing/876/3866911_f.SAL_Public.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29527"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/491621/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/28441"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1019691"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/0988/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41426"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://secure-support.novell.com/KanisaPlatform/Publishing/876/3866911_f.SAL_Public.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-07-14 18:41
Modified
2025-04-09 00:30
Severity ?
Summary
Integer overflow in ds.dlm, as used by dhost.exe, in Novell eDirectory 8.7.3.10 before 8.7.3 SP10b and 8.8 before 8.8.2 ftf2 allows remote attackers to execute arbitrary code via unspecified vectors that trigger a stack-based buffer overflow, related to "flawed arithmetic."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | edirectory | 8.7.3 | |
| novell | edirectory | 8.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "029ADE6D-6761-4196-847C-A0EFB3A06341",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D7548D05-AD2B-46C3-9036-366585FFCB48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in ds.dlm, as used by dhost.exe, in Novell eDirectory 8.7.3.10 before 8.7.3 SP10b and 8.8 before 8.8.2 ftf2 allows remote attackers to execute arbitrary code via unspecified vectors that trigger a stack-based buffer overflow, related to \"flawed arithmetic.\""
},
{
"lang": "es",
"value": "Desbordamiento de entero en ds.dlm, como el utilizado en dhost.exe de Novell eDirectory 8.7.3.10 anterior a 8.7.3 SP10b y 8.8 anterior a 8.8.2 ftf2, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante vectores no especificados que provocan un desbordamiento del b\u00fafer basado en pila. Relacionado con \"aritm\u00e9tica defectuosa\"."
}
],
"id": "CVE-2008-3159",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-07-14T18:41:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30938"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1020431"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/support/search.do?cmd=displayKC\u0026sliceId=SAL_Public\u0026externalId=3694858"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/30085"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/1999"
},
{
"source": "cve@mitre.org",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-041/"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43589"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30938"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1020431"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/support/search.do?cmd=displayKC\u0026sliceId=SAL_Public\u0026externalId=3694858"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/30085"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1999"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-041/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43589"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-03-02 20:29
Modified
2024-11-21 03:35
Severity ?
4.2 (Medium) - CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Summary
The LDAP backend in Novell eDirectory before 9.0 SP4 when switched to EBA (Enhanced Background Authentication) kept open connections without EBA.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | edirectory | * | |
| novell | edirectory | 9.0 | |
| novell | edirectory | 9.0 | |
| novell | edirectory | 9.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:edirectory:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BBDF50B6-0B4C-4610-B5D6-6D96D3F1C78A",
"versionEndIncluding": "9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:9.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "47DF7010-C59C-43CA-B30D-2C90EE93B1CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:9.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "D6DC14FC-3A10-4B29-8F88-C44B2013B508",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:9.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "B60F3208-693F-4701-9A6F-062365E8406F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The LDAP backend in Novell eDirectory before 9.0 SP4 when switched to EBA (Enhanced Background Authentication) kept open connections without EBA."
},
{
"lang": "es",
"value": "El backend LDAP en Novell eDirectory, en versiones anteriores a la 9.0 SP4, al cambiar a EBA (Enhanced Background Authentication) manten\u00eda las conexiones abiertas sin EBA."
}
],
"id": "CVE-2017-9277",
"lastModified": "2024-11-21T03:35:44.540",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.6,
"impactScore": 2.5,
"source": "security@opentext.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-03-02T20:29:00.770",
"references": [
{
"source": "security@opentext.com",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1005473"
},
{
"source": "security@opentext.com",
"url": "https://www.netiq.com/documentation/edirectory-9/edirectory904_releasenotes/data/edirectory904_releasenotes.html"
},
{
"source": "security@opentext.com",
"url": "https://www.novell.com/support/kb/doc.php?id=7016794"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1005473"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.netiq.com/documentation/edirectory-9/edirectory904_releasenotes/data/edirectory904_releasenotes.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.novell.com/support/kb/doc.php?id=7016794"
}
],
"sourceIdentifier": "security@opentext.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-10-24 20:07
Modified
2025-04-09 00:30
Severity ?
Summary
The NCP Engine in Novell eDirectory before 8.7.3.8 FTF1 allows remote attackers to cause an unspecified denial of service via a certain "NCP Fragment."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | edirectory | * | |
| novell | edirectory | 8.0 | |
| novell | edirectory | 8.5 | |
| novell | edirectory | 8.5.12a | |
| novell | edirectory | 8.5.27 | |
| novell | edirectory | 8.6.2 | |
| novell | edirectory | 8.7 | |
| novell | edirectory | 8.7.1 | |
| novell | edirectory | 8.7.1 | |
| novell | edirectory | 8.7.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:edirectory:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C1E3441E-2468-4270-BDBE-5EB13DDF4BB9",
"versionEndIncluding": "8.7.3.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7562ADC4-0D01-4FC2-98F0-1F4041BDA52E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E6FAB588-BDBE-4A04-AB9E-4F700A3951F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.5.12a:*:*:*:*:*:*:*",
"matchCriteriaId": "E1B83F84-D1EF-43B4-8620-3C1BCCE44553",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.5.27:*:*:*:*:*:*:*",
"matchCriteriaId": "41169D2F-4F16-466A-82E9-AD0735472B5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "947699C3-D9DE-411A-99C0-44ADD1D2223A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "15F668C0-8420-4401-AB0F-479575596CF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDCC7B6-34CA-4551-9833-306B93E517BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "6D69C160-39F7-48B8-B9A3-CC86690453C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "029ADE6D-6761-4196-847C-A0EFB3A06341",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The NCP Engine in Novell eDirectory before 8.7.3.8 FTF1 allows remote attackers to cause an unspecified denial of service via a certain \"NCP Fragment.\""
},
{
"lang": "es",
"value": "El motor NCP en Novell eDirectory anterior a 8.7.3.8 FTF1 permite a atacantes remotos provocar una denegaci\u00f3n de servicio no especificada mediante un cierto \"Fragmento NCP\"."
}
],
"evaluatorSolution": "This vulnerability is addressed in the following product release:\r\nNovell, eDirectory, 8.7.3.8 FTF1",
"id": "CVE-2006-5479",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-10-24T20:07:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974600.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974600.htm"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-07-14 20:30
Modified
2025-04-09 00:30
Severity ?
Summary
The DS\NDSD component in Novell eDirectory 8.8 before SP5 allows remote attackers to cause a denial of service (crash) via a malformed bind LDAP packet.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | edirectory | 8.8 | |
| novell | edirectory | 8.8 | |
| novell | edirectory | 8.8 | |
| novell | edirectory | 8.8 | |
| novell | edirectory | 8.8 | |
| novell | edirectory | 8.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D7548D05-AD2B-46C3-9036-366585FFCB48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:sp1:*:*:*:*:*:*",
"matchCriteriaId": "03D34570-657E-48D5-B778-9510C3D0FF7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:sp2:*:*:*:*:*:*",
"matchCriteriaId": "2EA7ED79-2E4E-4BE0-B167-31BB6311A506",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:sp3:*:*:*:*:*:*",
"matchCriteriaId": "FC9CE828-3461-4A32-8DD6-ED8BDA0298FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:sp3:ftf3:*:*:*:*:*",
"matchCriteriaId": "E263D9A0-CAC3-4009-9F5B-8EA7365B28AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:sp4:*:*:*:*:*:*",
"matchCriteriaId": "A78EBF3A-4073-41D2-BD52-E598318D4996",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The DS\\NDSD component in Novell eDirectory 8.8 before SP5 allows remote attackers to cause a denial of service (crash) via a malformed bind LDAP packet."
},
{
"lang": "es",
"value": "El componente DS/NDSD en Novell eDirectory v8.8 anterior a SP5 permite a atacantes remotos producir una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de un paquete LDAP malformado."
}
],
"id": "CVE-2009-2457",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-07-14T20:30:00.407",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/55849"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34160"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/35666"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1883"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51706"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/55849"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34160"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/35666"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1883"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51706"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-04-14 16:05
Modified
2025-04-09 00:30
Severity ?
Summary
The eDirectory Host Environment service (dhost.exe) in Novell eDirectory 8.8.2 allows remote attackers to cause a denial of service (CPU consumption) via a long HTTP HEAD request to TCP port 8028.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | edirectory | 8.8.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FDCB14-9380-42C3-A6EE-3E6AEA3F52F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The eDirectory Host Environment service (dhost.exe) in Novell eDirectory 8.8.2 allows remote attackers to cause a denial of service (CPU consumption) via a long HTTP HEAD request to TCP port 8028."
},
{
"lang": "es",
"value": "El servicio eDirectory Host Environment (dhost.exe) de Novell eDirectory 8.8.2 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (consumo de CPU) a trav\u00e9s una petici\u00f3n http HEAD larga al puerto TCP 8028."
}
],
"id": "CVE-2008-1777",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-04-14T16:05:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29639"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.offensive-security.com/0day/novel-edir.py.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/28572"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1019783"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/1075"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29639"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.offensive-security.com/0day/novel-edir.py.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/28572"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1019783"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1075"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-11-23 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firewall_services_module:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2A9CB22A-21E0-46F6-B6CD-BB38A80FA7A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:firewall_services_module:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B9CAFC15-178C-4176-9668-D4A04B63E77B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:firewall_services_module:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3C8D6949-89F4-40EF-98F4-8D15628DC345",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:firewall_services_module:1.1_\\(3.005\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F3DB2AEE-FB5C-42B7-845B-EDA3E58D5D68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:firewall_services_module:2.1_\\(0.208\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6479D85C-1A12-486D-818C-6679F415CA26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:aaa_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "287CF5FA-D0EC-4FD7-9718-973587EF34DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:apache-based_web_server:2.0.43.00:*:*:*:*:*:*:*",
"matchCriteriaId": "C88168D4-7DB5-4720-8640-400BB680D0FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:apache-based_web_server:2.0.43.04:*:*:*:*:*:*:*",
"matchCriteriaId": "968915A1-375B-4C69-BE11-9A393F7F1B0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:clientless_vpn_gateway_4400:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "11465DCA-72E5-40E9-9D8E-B3CD470C47E9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_common_management_foundation:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3954D0D1-9FDF-47D0-9710-D0FB06955B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3D6712BD-DE8F-40F5-AC74-B9EFE9A50CFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:converged_communications_server:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E586558A-ABC3-42EB-8B4D-DC92A0D695E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg200:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2A4C5F60-B32D-4D85-BA28-AE11972ED614",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg200:4.31.29:*:*:*:*:*:*:*",
"matchCriteriaId": "6A5935C3-3D83-461F-BC26-E03362115C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg203:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "80AC523B-3106-46F2-B760-803DCF8061F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg203:4.31.29:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B8D6F3-D15D-489F-A807-17E63F4831F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg208:*:*:*:*:*:*:*:*",
"matchCriteriaId": "808189BA-197F-49CE-933E-A728F395749C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg208:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "32DCFA7B-7BBB-465A-A4AD-7E18EE3C02DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg5:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CC7EF0CD-EA39-457B-8E2E-9120B65A5835",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg5:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7BC2983F-5212-464B-AC21-8A897DEC1F58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg5:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EBF17989-D1F2-4B04-80BD-CFABDD482ABA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BF2D00AC-FA2A-4C39-B796-DC19072862CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E8BCD1C5-1AFC-4287-9AFD-81FB3F4F9E54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "441BE3A0-20F4-4972-B279-19B3DB5FA14D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.8:releng:*:*:*:*:*:*",
"matchCriteriaId": "2D33C6EF-DBE1-4943-83E4-1F10670DAC6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "00EAEA17-033A-4A50-8E39-D61154876D2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4EE93350-92E6-4F5C-A14C-9993CFFDBCD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:release:*:*:*:*:*:*",
"matchCriteriaId": "0D9F2B04-A1F2-4788-A53D-C8274A758DDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:releng:*:*:*:*:*:*",
"matchCriteriaId": "9A5309ED-D84F-4F52-9864-5B0FEEEE5022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7C441E-444B-4DF5-8491-86805C70FB99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.2.1:release:*:*:*:*:*:*",
"matchCriteriaId": "C9CCE8F3-84EE-4571-8AAA-BF2D132E9BD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:8.05:*:*:*:*:*:*:*",
"matchCriteriaId": "31B1ADC1-9B6D-4B5E-A05A-D69599A3A0D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "771931F7-9180-4EBD-8627-E1CF17D24647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD9BE2B-7255-4FC1-B452-E8370632B03F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.23:*:*:*:*:*:*:*",
"matchCriteriaId": "32310AFE-38CC-4C6C-AE13-54C18720F2C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AC46909F-DDFC-448B-BCDF-1EB343F96630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9496279F-AB43-4B53-81A6-87C651ABC4BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
"matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "038FEDE7-986F-4CA5-9003-BA68352B87D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:openserver:5.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1E140F76-D078-4F58-89CF-3278CDCB9AF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D9D76A8D-832B-411E-A458-186733C66010",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(11\\)e:*:*:*:*:*:*:*",
"matchCriteriaId": "580BA1FE-0826-47A7-8BD3-9225E0841EDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e:*:*:*:*:*:*:*",
"matchCriteriaId": "040B04CD-B891-4F19-A7CC-5C2D462FBD6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e12:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF29685-7FFC-4093-A1D4-21E4871AF5C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e14:*:*:*:*:*:*:*",
"matchCriteriaId": "E72872C9-63AF-417F-BFAE-92B4D350C006",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(13\\)e9:*:*:*:*:*:*:*",
"matchCriteriaId": "80BCF196-5E5A-4F31-BCE7-AA0C748CA922",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(19\\)e1:*:*:*:*:*:*:*",
"matchCriteriaId": "970939C5-1E6F-47B6-97E6-7B2C1E019985",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)sy:*:*:*:*:*:*:*",
"matchCriteriaId": "CD1F4148-E772-4708-8C1F-D67F969C11DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)sy1:*:*:*:*:*:*:*",
"matchCriteriaId": "3CEBCEF0-5982-4B30-8377-9CAC978A1CB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2sy:*:*:*:*:*:*:*",
"matchCriteriaId": "09458CD7-D430-4957-8506-FAB2A3E2AA65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2za:*:*:*:*:*:*:*",
"matchCriteriaId": "62626BB6-D4EA-4A8A-ABC1-F86B37F19EDB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:4d:webstar:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B87C95-4B34-4628-AD03-67D1DE13E097",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:webstar:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "758F95DB-E619-4B08-86FA-6CF2C1B0CBCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:webstar:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F04471C-732F-44EE-AD1B-6305C1DD7DDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:webstar:5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3499913B-5DCD-4115-8C7B-9E8AFF79DE5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:webstar:5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E237919A-416B-4039-AAD2-7FAE1F4E100D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:webstar:5.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "39149924-188C-40C1-B598-A9CD407C90DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:webstar:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "15D5780C-4E29-4BCA-A47E-29FF6EAF33FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:webstar:5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E6501108-5455-48FE-AA82-37AFA5D7EC24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:intuity_audix:*:*:lx:*:*:*:*:*",
"matchCriteriaId": "C1A3B951-A1F8-4291-82FA-AB7922D13ACE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:intuity_audix:5.1.46:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2E7C81-C0F5-4D36-9A23-03BE69295ED0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:intuity_audix:s3210:*:*:*:*:*:*:*",
"matchCriteriaId": "9D0EF4A3-2FE5-41E4-A764-30B379ECF081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:intuity_audix:s3400:*:*:*:*:*:*:*",
"matchCriteriaId": "CCF6D59E-8AEA-4380-B86B-0803B2202F16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:vsu:5:*:*:*:*:*:*:*",
"matchCriteriaId": "140ABF28-FA39-4D77-AEB2-304962ED48C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:vsu:5x:*:*:*:*:*:*:*",
"matchCriteriaId": "09473DD9-5114-44C5-B56C-6630FBEBCACB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:vsu:100_r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7ECD3A4-5A39-4222-8350-524F11D8FFB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:vsu:500:*:*:*:*:*:*:*",
"matchCriteriaId": "D36C140D-E80C-479A-ADA7-18E901549059",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:vsu:2000_r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "940712E9-B041-4B7F-BD02-7DD0AE596D65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:vsu:5000_r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "03B887A2-9025-4C5B-8901-71BC63BF5293",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:vsu:7500_r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "33264586-7160-4550-9FF9-4101D72F5C9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:vsu:10000_r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CE5E6521-0611-4473-82AC-21655F10FEC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:*:*:vsx-ng-ai:*:*:*:*:*",
"matchCriteriaId": "AA9A50A1-CA8C-4EE5-B68F-4958F6B4B028",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:2.0:*:gx:*:*:*:*:*",
"matchCriteriaId": "8C83ABA2-87CD-429B-9800-590F8256B064",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp0:*:*:*:*:*:*:*",
"matchCriteriaId": "A4D9A576-2878-4AC4-AC95-E69CB8A84A71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A1A0B02-CF33-401F-9AB2-D595E586C795",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp2:*:*:*:*:*:*:*",
"matchCriteriaId": "8C0EF3F0-B82E-45B7-8D05-05E76009F7A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "90FB3825-21A6-4DBE-8188-67672DBE01CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "80623E58-8B46-4559-89A4-C329AACF3CB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp2:*:*:*:*:*:*",
"matchCriteriaId": "AEE6C228-CD93-4636-868B-C19BC1674BE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp3:*:*:*:*:*:*",
"matchCriteriaId": "A645148C-AD0D-46C1-BEE3-10F5C9066279",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp4:*:*:*:*:*:*",
"matchCriteriaId": "0D69187C-7F46-4FF0-A8A0-0E1989EA79BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:vpn-1:next_generation:*:*:*:*:*:*:*",
"matchCriteriaId": "C48F4DF4-8091-45D0-9F80-F760500B1202",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp0:*:*:*:*:*:*:*",
"matchCriteriaId": "4AE4A7EE-1BA3-46F1-BF4A-A72997EE0992",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp1:*:*:*:*:*:*:*",
"matchCriteriaId": "02029D75-FAF2-4842-9246-079C7DE36417",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:vpn-1:vsx_ng_with_application_intelligence:*:*:*:*:*:*:*",
"matchCriteriaId": "B5EF01C8-1C8A-4BD1-A13B-CE31F09F9523",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:access_registrar:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8496E0D-2507-4C25-A122-0B846CBCA72A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_and_content_networking_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E383F2A-DFCF-47F8-94EE-3563D41EA597",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:css_secure_content_accelerator:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D2D87EF0-056E-4128-89EB-2803ED83DEE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:css_secure_content_accelerator:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BB3163C1-2044-44DA-9C88-076D75FDF1EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:css11000_content_services_switch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07E1B690-C58B-4C08-A757-F3DF451FDAAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:okena_stormwatch:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "31F0E14C-7681-4D1A-B982-A51E450B93A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:pix_firewall:6.2.2_.111:*:*:*:*:*:*:*",
"matchCriteriaId": "ECBC761F-A8F5-4CD8-B19C-5CE8FFC58FDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:threat_response:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF39E8B-C201-4940-81C9-14AF4C3DD4B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webns:6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "AC604680-2E9E-4DC4-ACDD-74D552A45BA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webns:6.10_b4:*:*:*:*:*:*:*",
"matchCriteriaId": "37A94436-D092-4C7E-B87B-63BC621EE82E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webns:7.1_0.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "862165CF-3CFB-4C6E-8238-86FA85F243C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webns:7.1_0.2.06:*:*:*:*:*:*:*",
"matchCriteriaId": "056F3336-BAA8-4A03-90B4-7B31710FC1B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webns:7.2_0.0.03:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDC2510-FBB9-429A-B6D4-10AB11F93960",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webns:7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5D45127E-A544-40A0-9D34-BD70D95C9772",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webns:7.10_.0.06s:*:*:*:*:*:*:*",
"matchCriteriaId": "56C69C3E-C895-45C8-8182-7BB412A0C828",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dell:bsafe_ssl-j:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A1FDD507-C38B-4C38-A54F-3DA6F07AD0B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dell:bsafe_ssl-j:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6F2B7AC2-CF08-4AC9-9A71-3A8130F9F9AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dell:bsafe_ssl-j:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4D9564B-B92E-4C97-87FF-B56D62DCA775",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:wbem:a.01.05.08:*:*:*:*:*:*:*",
"matchCriteriaId": "B931D4F8-23F5-4ABA-A457-959995D30C58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:wbem:a.02.00.00:*:*:*:*:*:*:*",
"matchCriteriaId": "BE6A023E-9C2A-487F-B5CE-674C766BFE75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:wbem:a.02.00.01:*:*:*:*:*:*:*",
"matchCriteriaId": "6A15ACA2-D500-4260-B51A-6FE6AB5A45A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2A045971-8756-47E8-9044-C39D08B36F1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CAA95881-7231-4FDA-AF73-04DF9FF0B64C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "62B7F6AD-EDBD-4B09-BDB2-795ED114F2AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F045AB7B-1551-46E5-A5CC-BF13C1BB49F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "44E85930-3AAD-420B-8E3E-AEC57344F6C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "52FD4485-BCA2-485A-A0CF-F8152C9DBFA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7CF53BE4-FE2D-4D63-BD0F-A423D0FE3BE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "00993464-BE09-4691-B3F0-51BBA9FB80C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2_rc2:*:*:*:*:*:*:*",
"matchCriteriaId": "896AB39E-2078-4BA2-9522-477BD5F98FD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EB9279EC-47CF-45F1-B4CC-B2B332E82E34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E7300C3E-8105-4C23-89B9-7D29CED18C15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "90C59DB2-48DA-4172-A1F5-25CF3B5097AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3_rc2:*:*:*:*:*:*:*",
"matchCriteriaId": "715F4E0B-7E4B-4520-A987-9B3ED3136B75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3_rc3:*:*:*:*:*:*:*",
"matchCriteriaId": "9CA1F606-C558-40FD-9300-6E2796F47BA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A037FAA6-6D26-4496-BC67-03475B4D1155",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D3831DD3-E783-4200-8986-FDBF7DD9BA53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2909C9D5-3D8F-4C41-B0E7-A0C0B432C19A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E09436DF-E3C1-4C03-A3BE-73C4BC84BB7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "699764B6-0F86-4AB0-86A3-4F2E69AD820C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7562ADC4-0D01-4FC2-98F0-1F4041BDA52E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E6FAB588-BDBE-4A04-AB9E-4F700A3951F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.5.12a:*:*:*:*:*:*:*",
"matchCriteriaId": "E1B83F84-D1EF-43B4-8620-3C1BCCE44553",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.5.27:*:*:*:*:*:*:*",
"matchCriteriaId": "41169D2F-4F16-466A-82E9-AD0735472B5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "947699C3-D9DE-411A-99C0-44ADD1D2223A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "15F668C0-8420-4401-AB0F-479575596CF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDCC7B6-34CA-4551-9833-306B93E517BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "6D69C160-39F7-48B8-B9A3-CC86690453C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "166BF638-ABDC-4BB9-BD4E-2B22681AD9CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8FA6420B-9F6A-48F4-A445-12B60A320347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*",
"matchCriteriaId": "0FCA45CE-4127-47AD-BBA8-8A6DD83AE1C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA1CA40-7DB5-4DCA-97A8-9A8CF4FECECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*",
"matchCriteriaId": "180D07AE-C571-4DD6-837C-43E2A946007A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*",
"matchCriteriaId": "BA3E4D2A-6488-4F8B-A3CA-4161A10FA4DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*",
"matchCriteriaId": "90789533-C741-4B1C-A24B-2C77B9E4DE5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*",
"matchCriteriaId": "1520065B-46D7-48A4-B9D0-5B49F690C5B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*",
"matchCriteriaId": "5B76FE2D-FBE0-4A3B-A0EA-179332D74F0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*",
"matchCriteriaId": "2AA526B9-726A-49D5-B3CA-EBE2DA303CA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*",
"matchCriteriaId": "494E48E7-EF86-4860-9A53-94F6C313746E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*",
"matchCriteriaId": "45A518E8-21BE-4C5C-B425-410AB1208E9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*",
"matchCriteriaId": "9E3AB748-E463-445C-ABAB-4FEDDFD1878B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*",
"matchCriteriaId": "660E4B8D-AABA-4520-BC4D-CF8E76E07C05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*",
"matchCriteriaId": "85BFEED5-4941-41BB-93D1-CD5C2A41290E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*",
"matchCriteriaId": "78E79A05-64F3-4397-952C-A5BB950C967D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*",
"matchCriteriaId": "7F7C9E77-1EB2-4720-A8FD-23DC1C877D5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*",
"matchCriteriaId": "549BB01D-F322-4FE3-BDA2-4FEA8ED8568A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openssl:0.9.6-15:*:i386:*:*:*:*:*",
"matchCriteriaId": "09F3FB7B-0F68-49F3-A3B7-977A687A42E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openssl:0.9.6b-3:*:i386:*:*:*:*:*",
"matchCriteriaId": "088F2FF7-96E5-455E-A35B-D99F9854EC6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386:*:*:*:*:*",
"matchCriteriaId": "FFA721BF-1B2E-479F-BF25-02D441BF175B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386_dev:*:*:*:*:*",
"matchCriteriaId": "AFEDCE49-21CC-4168-818F-4C638EE3B077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386_perl:*:*:*:*:*",
"matchCriteriaId": "B7D18F9B-C0BE-4DE8-81F4-5BF56C00BF41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "26430687-409B-448F-934B-06AB937DDF63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:servercluster:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8F0F78F4-E81E-4C6B-AB73-D6AAE191060E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:servercluster:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DF1A5808-6D5D-48AD-9470-5A6510D17913",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:1_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C1E8990D-D9A0-4A71-9D87-EC047E01B0D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:1_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6DBCC172-6867-4DFD-AAEF-9BDB4DA21F46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C2F2BEEA-46BB-4718-B0F3-B4EC62B678A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8D09E11C-C5BB-409E-BB0D-7F351250419B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6B06A05D-AA31-441D-9FC2-3558648C3B7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_securitycluster:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C0886901-6F93-44C1-B774-84D7E5D9554C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_securitycluster:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3F203A80-7C1E-4A04-8E99-63525E176753",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_webcluster:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CA0A204C-158B-4014-A53C-75E0CD63E0DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_webcluster:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "085BA581-7DA5-4FA4-A888-351281FD0A7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:1.5.17:*:*:*:*:*:*:*",
"matchCriteriaId": "EA1C4B3C-5701-4233-BA94-28915713F9C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:1.5.18:*:*:*:*:*:*:*",
"matchCriteriaId": "28D9F8D7-698A-486A-918A-7DB5CAFBB3CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:1.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D125C2A0-A4B5-48D6-A38A-54755C3FDF4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:1.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0F85F672-0F21-4AD7-8620-13D82F2ECC22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "89070041-613A-4F7B-BD6A-C6091D21FC52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:1.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D9A71933-4BD5-4B11-8B14-D997E75F29CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:1.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5B6BE11D-FC02-4950-A554-08CC9D8B1853",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A53FD0E1-9BAA-43F0-BCC9-0BE8D4356F55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B80ADAE8-94D4-46A4-A5ED-FF134D808B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "69FA0221-5073-4D45-950F-119497B53FED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C4AE5B43-7C90-4C2A-A215-30F5EC5841C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2CC1A110-B203-4962-8E1A-74BD98121AF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B5A92C4D-B024-4D39-9479-409C39586F64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "E7E0C4F5-CF02-4FF6-AE9B-5B6B70D5C067",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5E8998CC-E372-46D0-8339-47DC8D92D253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AF131FDC-BF8D-4A17-99F0-444EB900E83D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "880811B3-E78E-456E-972E-DE733F368576",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "22411F18-2B93-405A-A3B5-2CF0A04977C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate_vpn_client:1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C71188B7-E6DC-41E5-B619-367341113501",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate_vpn_client:1.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "07491444-0196-4504-A971-A5E388B86BBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "72BC6CD2-3291-4E69-8DC6-F3AB853F8931",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CD43EDDF-58A7-4705-B8C7-FD76C35A437D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A7C2E603-568F-40F6-9A7C-439E2A51B37F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "703421A7-E8C5-450B-97EF-FD9D99D4B834",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tarantella:tarantella_enterprise:3.20:*:*:*:*:*:*:*",
"matchCriteriaId": "9519BCB2-B401-44CE-97F6-847BB36AE45F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tarantella:tarantella_enterprise:3.30:*:*:*:*:*:*:*",
"matchCriteriaId": "BBE573E8-DD94-4293-99AE-27B9067B3ED9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tarantella:tarantella_enterprise:3.40:*:*:*:*:*:*:*",
"matchCriteriaId": "D14413DA-5199-4282-9E22-D347E9D8E469",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:gsx_server:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "05CC5F49-0E9E-45D8-827D-A5940566DB25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:gsx_server:2.0.1_build_2129:*:*:*:*:*:*:*",
"matchCriteriaId": "5D94EE19-6CE9-4E02-8174-D9954CDBF02B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:gsx_server:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4E4BEE3-AE7B-4481-B724-2E644E18ACC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:gsx_server:2.5.1_build_5336:*:*:*:*:*:*:*",
"matchCriteriaId": "EAAB7052-E0B6-472E-920B-A0F0AEA25D6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:gsx_server:3.0_build_7592:*:*:*:*:*:*:*",
"matchCriteriaId": "8CE38F15-BD42-4171-8670-86AA8169A60C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8300:r2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "20C0BD87-CE4B-49D2-89BE-EF282C43AD72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8300:r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C3E6C4A8-59F4-43EE-8413-E95289037598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8500:r2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FE76357A-27E6-4D85-9AA0-1BB658C41568",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8500:r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C56C5FDB-24E2-479D-87CA-164CD28567D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8700:r2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AEF6C16F-8EDF-4A24-BFEF-6A304D654EEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8700:r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D982AE39-BB57-49E7-B5FE-5EF1ADE2F019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:bluecoat:proxysg:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B6CFEC9-0F8F-4CD4-ABD1-E6533F910F7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12DE5E22-DF93-46BE-85A3-D4E04379E901",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:content_services_switch_11500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BF28C435-C036-4507-8E3F-44E722F9974A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:gss_4480_global_site_selector:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDA957E2-ABF9-49B2-874F-3FC3060CE0B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:gss_4490_global_site_selector:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5F2CDFE7-6853-4A31-85C0-50C57A8D606A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:mds_9000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0F2ED90B-DDBA-49DE-AC78-20E7D77C8858",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:secure_content_accelerator:10000:*:*:*:*:*:*:*",
"matchCriteriaId": "408A9DB0-81EF-4186-B338-44954E67289B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5B0C5F92-7E93-4C3F-B22B-E6612A4D3E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.0.01:*:*:*:*:*:*:*",
"matchCriteriaId": "2D0DC4B4-9AD9-4AC8-BFA7-A3D209B5D089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.0.02:*:*:*:*:*:*:*",
"matchCriteriaId": "303362A5-9C3C-4C85-8C97-2AB12CE01BF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.0.03:*:*:*:*:*:*:*",
"matchCriteriaId": "FED22DC1-E06B-4511-B920-6DAB792262D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.0.04:*:*:*:*:*:*:*",
"matchCriteriaId": "4CE44CA7-4BC7-4C2B-948F-2ACABB91528B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F757B2A7-869F-4702-81EB-466317A79D61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "01F6E9A9-6C85-48DA-BC61-55F8EACCB59F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:sun:crypto_accelerator_4000:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "64AF1E33-4086-43E2-8F54-DA75A99D4B75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:bluecoat:cacheos_ca_sa:4.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "53D16F03-A4C7-4497-AB74-499F208FF059",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:bluecoat:cacheos_ca_sa:4.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "13A33EC1-836B-4C8C-AC18-B5BD4F90E612",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "58BE9C02-2A01-4F6F-A6BD-BC0173561E9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C558CED8-8342-46CB-9F52-580B626D320E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0F85D19E-6C26-429D-B876-F34238B9DAAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FEC7CCF7-CBC6-4EDC-8EDD-884DFFFBCC7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E5011A33-CD6D-4EFC-ACFD-E51C9AE726A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(4.101\\):*:*:*:*:*:*:*",
"matchCriteriaId": "09063867-0E64-4630-B35B-4CCA348E4DAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78F98CD7-A352-483C-9968-8FB2627A7CBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F97FE485-705F-4707-B6C6-0EF9E8A85D5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E2B925E8-D2C2-4E8C-AC21-0C422245C482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B9170562-872E-4C32-869C-B10FF35A925E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D0927A68-8BB2-4F03-8396-E9CACC158FC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "559DDBA3-2AF4-4A0C-B219-6779BA931F21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ED9D142A-DDC8-4BD6-8C22-F242C9C0B1ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5226C9CC-6933-4F10-B426-B47782C606FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "757DAE9A-B25D-4B8A-A41B-66C2897B537E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5E3DC170-E279-4725-B9EE-6840B5685CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(3.100\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8091EDA9-BD18-47F7-8CEC-E086238647C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6F867890-74A4-4892-B99A-27DB4603B873",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CE05B514-F094-4632-B25B-973F976F6409",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3392428D-1A85-4472-A276-C482A78E2CE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(3.102\\):*:*:*:*:*:*:*",
"matchCriteriaId": "40954985-16E6-4F37-B014-6A55166AE093",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(3.109\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0C097809-1FEF-4417-A201-42291CC29122",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool."
},
{
"lang": "es",
"value": "OpenSSL 0.9.6 anteriores a la 0.9.6d no manejan adecuadamente los tipos de mensajes desconocidos, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicios (por bucle infinito), como se demuestra utilizando la herramienta de testeo Codenomicon TLS."
}
],
"id": "CVE-2004-0081",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-11-23T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt"
},
{
"source": "cve@mitre.org",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040304-01-U.asc"
},
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834"
},
{
"source": "cve@mitre.org",
"url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=107955049331965\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=108403850228012\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2004-119.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/11139"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200403-03.xml"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524"
},
{
"source": "cve@mitre.org",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2004/dsa-465"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/465542"
},
{
"source": "cve@mitre.org",
"url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-120.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-121.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-139.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9899"
},
{
"source": "cve@mitre.org",
"url": "http://www.trustix.org/errata/2004/0012"
},
{
"source": "cve@mitre.org",
"url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15509"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11755"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A871"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A902"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040304-01-U.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=107955049331965\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=108403850228012\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2004-119.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/11139"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200403-03.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2004/dsa-465"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/465542"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-120.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-121.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-139.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9899"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.trustix.org/errata/2004/0012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15509"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11755"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A871"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A902"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-11-14 19:20
Modified
2025-04-09 00:30
Severity ?
Summary
Heap-based buffer overflows in Novell eDirectory HTTP protocol stack (HTTPSTK) before 8.8 SP3 have unknown impact and attack vectors related to the (1) HTTP language header and (2) HTTP content-length header.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:edirectory:*:sp2:windows:*:*:*:*:*",
"matchCriteriaId": "61B5F31A-C109-4856-88B9-52FE3551B29D",
"versionEndIncluding": "8.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7562ADC4-0D01-4FC2-98F0-1F4041BDA52E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E6FAB588-BDBE-4A04-AB9E-4F700A3951F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.5.12a:*:*:*:*:*:*:*",
"matchCriteriaId": "E1B83F84-D1EF-43B4-8620-3C1BCCE44553",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.5.27:*:*:*:*:*:*:*",
"matchCriteriaId": "41169D2F-4F16-466A-82E9-AD0735472B5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "947699C3-D9DE-411A-99C0-44ADD1D2223A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "15F668C0-8420-4401-AB0F-479575596CF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDCC7B6-34CA-4551-9833-306B93E517BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "6D69C160-39F7-48B8-B9A3-CC86690453C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "029ADE6D-6761-4196-847C-A0EFB3A06341",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp1:windows:*:*:*:*:*",
"matchCriteriaId": "5CD101DD-9655-4A83-8F79-59333D4DD672",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp2:windows:*:*:*:*:*",
"matchCriteriaId": "15E2B599-2B96-4ED3-B2D9-E4D6909A1F26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp3:windows:*:*:*:*:*",
"matchCriteriaId": "9DAFE77C-4AB9-4865-B673-C32EAB3ABB75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp4:windows:*:*:*:*:*",
"matchCriteriaId": "5FC5947C-15F7-4BF0-9C0A-F2817F4BB7D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp5:windows:*:*:*:*:*",
"matchCriteriaId": "2A57D5D2-F490-4A33-AFAF-A66CE7988F0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp6:windows:*:*:*:*:*",
"matchCriteriaId": "1694F7CA-0E7B-4DC6-9B74-FCCE8B81F048",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp7:windows:*:*:*:*:*",
"matchCriteriaId": "042CF2E0-CE2C-4939-899A-F193127A28B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp8:windows:*:*:*:*:*",
"matchCriteriaId": "2A7E430B-DD25-4BE7-8495-B4FD8EB60F19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp9:windows:*:*:*:*:*",
"matchCriteriaId": "142A95E7-009C-4A54-AA04-97C7120C228E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9E8D4976-BAE9-4A83-9DF6-9436C54E8413",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.8_presp9:*:*:*:*:*:*:*",
"matchCriteriaId": "D27AAA23-21E1-4C35-97FA-7F038E2C8923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A626A123-E33A-445F-93A2-8FA3B2E3E53A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.9:*:linux:*:*:*:*:*",
"matchCriteriaId": "6658D417-B666-400A-89BD-C74A84E4EC9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.9:*:solaris:*:*:*:*:*",
"matchCriteriaId": "A5286A48-E77F-4D5F-8B8C-D701B9DC1819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.9:*:windows_2000:*:*:*:*:*",
"matchCriteriaId": "A18AD730-2782-4BC3-8B2E-D35D29EBC699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.9:*:windows_2003:*:*:*:*:*",
"matchCriteriaId": "36699D76-090F-4ED3-9C02-A09EB68F5CB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "896C7671-E300-4E6D-86A3-D0DAF4168CC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D7548D05-AD2B-46C3-9036-366585FFCB48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:*:linux:*:*:*:*:*",
"matchCriteriaId": "9775274E-21A5-466E-B792-54F53ECCD8F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:*:solaris:*:*:*:*:*",
"matchCriteriaId": "1CE0CDA6-DFF5-45F7-A641-180AED4F074D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:*:windows_2000:*:*:*:*:*",
"matchCriteriaId": "B490E624-9A8E-4AD2-9B6F-BFDA431CD77D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:*:windows_2003:*:*:*:*:*",
"matchCriteriaId": "4747583B-125F-423F-863F-5CBC4CB46C9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C13882AD-D700-4B95-9BB2-B3E0D104B227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.1:*:linux:*:*:*:*:*",
"matchCriteriaId": "F2AD4208-DD3E-427E-ADF8-5C59C59EDC15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.1:*:solaris:*:*:*:*:*",
"matchCriteriaId": "BEE923F3-28AB-4C29-A920-F363F415CBE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.1:*:windows_2000:*:*:*:*:*",
"matchCriteriaId": "F4DB1610-FDB3-432C-8AD7-C667DCAA29D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.1:*:windows_2003:*:*:*:*:*",
"matchCriteriaId": "30ABEC83-326A-4888-BFC7-3A40BC2E2CAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FDCB14-9380-42C3-A6EE-3E6AEA3F52F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.2:*:linux:*:*:*:*:*",
"matchCriteriaId": "762D694C-7942-4265-BF99-1DE9F3BC9128",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.2:*:solaris:*:*:*:*:*",
"matchCriteriaId": "20851E26-511C-41B2-A3BF-4E4A083A73F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.2:*:windows_2000:*:*:*:*:*",
"matchCriteriaId": "57A9A26E-0FB6-4766-9C7E-CB82551BC9C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.2:*:windows_2003:*:*:*:*:*",
"matchCriteriaId": "7CD4DD41-AD88-4AB2-BAC2-2B59AECA16BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:85.20:*:*:*:*:*:*:*",
"matchCriteriaId": "1DFEA521-37B2-4C23-B320-1D0E70823366",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflows in Novell eDirectory HTTP protocol stack (HTTPSTK) before 8.8 SP3 have unknown impact and attack vectors related to the (1) HTTP language header and (2) HTTP content-length header."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en mont\u00edculo en la pila del protocolo HTTP en Novell eDirectory (HTTPSTK) versiones anteriores a v8.8 SP3 tiene un impacto y vectores de ataque desconocidos relaciona a (1) cabeceras del lenguaje HTTP y (2) cabeceras \"content-length\" HTTP."
}
],
"id": "CVE-2008-5092",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-11-14T19:20:54.060",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/30947"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1020786"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/2462"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/30947"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1020786"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2462"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-07-14 20:30
Modified
2025-04-09 00:30
Severity ?
Summary
The DS\NDSD component in Novell eDirectory 8.8 before SP5 allows remote attackers to cause a denial of service (ndsd core dump) via an LDAP request containing multiple . (dot) wildcard characters in the Relative Distinguished Name (RDN).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | edirectory | 8.8 | |
| novell | edirectory | 8.8 | |
| novell | edirectory | 8.8 | |
| novell | edirectory | 8.8 | |
| novell | edirectory | 8.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D7548D05-AD2B-46C3-9036-366585FFCB48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:sp1:*:*:*:*:*:*",
"matchCriteriaId": "03D34570-657E-48D5-B778-9510C3D0FF7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:sp2:*:*:*:*:*:*",
"matchCriteriaId": "2EA7ED79-2E4E-4BE0-B167-31BB6311A506",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:sp3:*:*:*:*:*:*",
"matchCriteriaId": "FC9CE828-3461-4A32-8DD6-ED8BDA0298FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:sp4:*:*:*:*:*:*",
"matchCriteriaId": "A78EBF3A-4073-41D2-BD52-E598318D4996",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The DS\\NDSD component in Novell eDirectory 8.8 before SP5 allows remote attackers to cause a denial of service (ndsd core dump) via an LDAP request containing multiple . (dot) wildcard characters in the Relative Distinguished Name (RDN)."
},
{
"lang": "es",
"value": "El componente DS\\NDSD en Novell eDirectory v8.8 anterior a SP5 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (volcado de nucleo ndsd) a trav\u00e9s de una petici\u00f3n LDAP que contenga m\u00faltiples caracteres . (punto) en el nombre completo relativo (RDN)."
}
],
"id": "CVE-2009-2456",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-07-14T20:30:00.390",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/55848"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34160"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/35666"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1883"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51705"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/55848"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34160"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/35666"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1883"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51705"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-02-19 17:30
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in eMBox in Novell eDirectory 8.8 SP5 Patch 2 and earlier allows remote attackers to cause a denial of service (crash) via unknown a crafted SOAP request, a different issue than CVE-2008-0926.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | edirectory | * | |
| novell | edirectory | 8.5 | |
| novell | edirectory | 8.5.12a | |
| novell | edirectory | 8.5.27 | |
| novell | edirectory | 8.6.2 | |
| novell | edirectory | 8.7 | |
| novell | edirectory | 8.7.1 | |
| novell | edirectory | 8.7.1 | |
| novell | edirectory | 8.7.3 | |
| novell | edirectory | 8.7.3.8 | |
| novell | edirectory | 8.7.3.8_presp9 | |
| novell | edirectory | 8.7.3.9 | |
| novell | edirectory | 8.8 | |
| novell | edirectory | 8.8 | |
| novell | edirectory | 8.8 | |
| novell | edirectory | 8.8 | |
| novell | edirectory | 8.8 | |
| novell | edirectory | 8.8 | |
| novell | edirectory | 8.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:edirectory:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ABCFB5DD-D24D-4C3B-9188-C264D9AC0B93",
"versionEndIncluding": "8.7.3.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E6FAB588-BDBE-4A04-AB9E-4F700A3951F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.5.12a:*:*:*:*:*:*:*",
"matchCriteriaId": "E1B83F84-D1EF-43B4-8620-3C1BCCE44553",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.5.27:*:*:*:*:*:*:*",
"matchCriteriaId": "41169D2F-4F16-466A-82E9-AD0735472B5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "947699C3-D9DE-411A-99C0-44ADD1D2223A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "15F668C0-8420-4401-AB0F-479575596CF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDCC7B6-34CA-4551-9833-306B93E517BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "6D69C160-39F7-48B8-B9A3-CC86690453C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "029ADE6D-6761-4196-847C-A0EFB3A06341",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9E8D4976-BAE9-4A83-9DF6-9436C54E8413",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.8_presp9:*:*:*:*:*:*:*",
"matchCriteriaId": "D27AAA23-21E1-4C35-97FA-7F038E2C8923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A626A123-E33A-445F-93A2-8FA3B2E3E53A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D7548D05-AD2B-46C3-9036-366585FFCB48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:sp1:*:*:*:*:*:*",
"matchCriteriaId": "03D34570-657E-48D5-B778-9510C3D0FF7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:sp2:*:*:*:*:*:*",
"matchCriteriaId": "2EA7ED79-2E4E-4BE0-B167-31BB6311A506",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:sp3:*:*:*:*:*:*",
"matchCriteriaId": "FC9CE828-3461-4A32-8DD6-ED8BDA0298FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:sp4:*:*:*:*:*:*",
"matchCriteriaId": "A78EBF3A-4073-41D2-BD52-E598318D4996",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:sp5:*:*:*:*:*:*",
"matchCriteriaId": "2BD9DF51-3A90-4BC7-BC65-FBACF2F976E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:sp5:patch1:*:*:*:*:*",
"matchCriteriaId": "D72E19B0-021F-45A3-A205-4B5260866B29",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in eMBox in Novell eDirectory 8.8 SP5 Patch 2 and earlier allows remote attackers to cause a denial of service (crash) via unknown a crafted SOAP request, a different issue than CVE-2008-0926."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en eMBox en Novell eDirectory v8.8 SP5 Patch 2 y anteriores permite a atacantes remotos provocar una denegaci\u00f3n de servicio (cuelgue) mediante peticiones SOAP manipuladas desconocidas, una incidencia diferente a CVE-2008-0926."
}
],
"id": "CVE-2010-0666",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-02-19T17:30:01.050",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.novell.com/support/php/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=InfoDocument-patchbuilder-readme5067743\u0026sliceId=\u0026docTypeID=DT_SUSESDB_PSDB_1_1\u0026dialogID=122457794\u0026stateId=0%200%20122459671"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1023558"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0334"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.novell.com/support/php/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=InfoDocument-patchbuilder-readme5067743\u0026sliceId=\u0026docTypeID=DT_SUSESDB_PSDB_1_1\u0026dialogID=122457794\u0026stateId=0%200%20122459671"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1023558"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0334"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-03-02 20:29
Modified
2024-11-21 03:35
Severity ?
6.5 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
In Novell eDirectory before 9.0.3.1 the LDAP interface was not strictly enforcing cipher restrictions allowing weaker ciphers to be used during SSL BIND operations.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | edirectory | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:edirectory:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E194EC2C-A930-42DD-8A50-09C045D4B185",
"versionEndExcluding": "9.0.3.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Novell eDirectory before 9.0.3.1 the LDAP interface was not strictly enforcing cipher restrictions allowing weaker ciphers to be used during SSL BIND operations."
},
{
"lang": "es",
"value": "En Novell eDirectory, en versiones anteriores a la 9.0.3.1, la interfaz LDAP no impon\u00eda de forma estricta las restricciones de cifrado, lo que permite que cifrados d\u00e9biles se empleen durante las operaciones SSL BIND."
}
],
"id": "CVE-2017-9267",
"lastModified": "2024-11-21T03:35:43.250",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5,
"source": "security@opentext.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-03-02T20:29:00.677",
"references": [
{
"source": "security@opentext.com",
"url": "https://www.novell.com/support/kb/doc.php?id=7016794"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.novell.com/support/kb/doc.php?id=7016794"
}
],
"sourceIdentifier": "security@opentext.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-757"
}
],
"source": "security@opentext.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-11-23 05:00
Modified
2025-04-03 01:03
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firewall_services_module:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2A9CB22A-21E0-46F6-B6CD-BB38A80FA7A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:firewall_services_module:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B9CAFC15-178C-4176-9668-D4A04B63E77B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:firewall_services_module:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3C8D6949-89F4-40EF-98F4-8D15628DC345",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:firewall_services_module:1.1_\\(3.005\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F3DB2AEE-FB5C-42B7-845B-EDA3E58D5D68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:firewall_services_module:2.1_\\(0.208\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6479D85C-1A12-486D-818C-6679F415CA26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:aaa_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "287CF5FA-D0EC-4FD7-9718-973587EF34DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:apache-based_web_server:2.0.43.00:*:*:*:*:*:*:*",
"matchCriteriaId": "C88168D4-7DB5-4720-8640-400BB680D0FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:apache-based_web_server:2.0.43.04:*:*:*:*:*:*:*",
"matchCriteriaId": "968915A1-375B-4C69-BE11-9A393F7F1B0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:clientless_vpn_gateway_4400:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "11465DCA-72E5-40E9-9D8E-B3CD470C47E9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_common_management_foundation:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3954D0D1-9FDF-47D0-9710-D0FB06955B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3D6712BD-DE8F-40F5-AC74-B9EFE9A50CFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:converged_communications_server:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E586558A-ABC3-42EB-8B4D-DC92A0D695E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg200:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2A4C5F60-B32D-4D85-BA28-AE11972ED614",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg200:4.31.29:*:*:*:*:*:*:*",
"matchCriteriaId": "6A5935C3-3D83-461F-BC26-E03362115C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg203:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "80AC523B-3106-46F2-B760-803DCF8061F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg203:4.31.29:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B8D6F3-D15D-489F-A807-17E63F4831F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg208:*:*:*:*:*:*:*:*",
"matchCriteriaId": "808189BA-197F-49CE-933E-A728F395749C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg208:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "32DCFA7B-7BBB-465A-A4AD-7E18EE3C02DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg5:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CC7EF0CD-EA39-457B-8E2E-9120B65A5835",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg5:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7BC2983F-5212-464B-AC21-8A897DEC1F58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:sg5:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EBF17989-D1F2-4B04-80BD-CFABDD482ABA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BF2D00AC-FA2A-4C39-B796-DC19072862CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E8BCD1C5-1AFC-4287-9AFD-81FB3F4F9E54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "441BE3A0-20F4-4972-B279-19B3DB5FA14D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.8:releng:*:*:*:*:*:*",
"matchCriteriaId": "2D33C6EF-DBE1-4943-83E4-1F10670DAC6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "00EAEA17-033A-4A50-8E39-D61154876D2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4EE93350-92E6-4F5C-A14C-9993CFFDBCD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:release:*:*:*:*:*:*",
"matchCriteriaId": "0D9F2B04-A1F2-4788-A53D-C8274A758DDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:releng:*:*:*:*:*:*",
"matchCriteriaId": "9A5309ED-D84F-4F52-9864-5B0FEEEE5022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7C441E-444B-4DF5-8491-86805C70FB99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.2.1:release:*:*:*:*:*:*",
"matchCriteriaId": "C9CCE8F3-84EE-4571-8AAA-BF2D132E9BD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:8.05:*:*:*:*:*:*:*",
"matchCriteriaId": "31B1ADC1-9B6D-4B5E-A05A-D69599A3A0D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "771931F7-9180-4EBD-8627-E1CF17D24647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD9BE2B-7255-4FC1-B452-E8370632B03F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.23:*:*:*:*:*:*:*",
"matchCriteriaId": "32310AFE-38CC-4C6C-AE13-54C18720F2C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AC46909F-DDFC-448B-BCDF-1EB343F96630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9496279F-AB43-4B53-81A6-87C651ABC4BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
"matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "038FEDE7-986F-4CA5-9003-BA68352B87D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:openserver:5.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1E140F76-D078-4F58-89CF-3278CDCB9AF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D9D76A8D-832B-411E-A458-186733C66010",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(11\\)e:*:*:*:*:*:*:*",
"matchCriteriaId": "580BA1FE-0826-47A7-8BD3-9225E0841EDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e:*:*:*:*:*:*:*",
"matchCriteriaId": "040B04CD-B891-4F19-A7CC-5C2D462FBD6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e12:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF29685-7FFC-4093-A1D4-21E4871AF5C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e14:*:*:*:*:*:*:*",
"matchCriteriaId": "E72872C9-63AF-417F-BFAE-92B4D350C006",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(13\\)e9:*:*:*:*:*:*:*",
"matchCriteriaId": "80BCF196-5E5A-4F31-BCE7-AA0C748CA922",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(19\\)e1:*:*:*:*:*:*:*",
"matchCriteriaId": "970939C5-1E6F-47B6-97E6-7B2C1E019985",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)sy:*:*:*:*:*:*:*",
"matchCriteriaId": "CD1F4148-E772-4708-8C1F-D67F969C11DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)sy1:*:*:*:*:*:*:*",
"matchCriteriaId": "3CEBCEF0-5982-4B30-8377-9CAC978A1CB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2sy:*:*:*:*:*:*:*",
"matchCriteriaId": "09458CD7-D430-4957-8506-FAB2A3E2AA65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2za:*:*:*:*:*:*:*",
"matchCriteriaId": "62626BB6-D4EA-4A8A-ABC1-F86B37F19EDB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:4d:webstar:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B87C95-4B34-4628-AD03-67D1DE13E097",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:webstar:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "758F95DB-E619-4B08-86FA-6CF2C1B0CBCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:webstar:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F04471C-732F-44EE-AD1B-6305C1DD7DDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:webstar:5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3499913B-5DCD-4115-8C7B-9E8AFF79DE5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:webstar:5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E237919A-416B-4039-AAD2-7FAE1F4E100D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:webstar:5.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "39149924-188C-40C1-B598-A9CD407C90DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:webstar:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "15D5780C-4E29-4BCA-A47E-29FF6EAF33FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:webstar:5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E6501108-5455-48FE-AA82-37AFA5D7EC24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:intuity_audix:*:*:lx:*:*:*:*:*",
"matchCriteriaId": "C1A3B951-A1F8-4291-82FA-AB7922D13ACE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:intuity_audix:5.1.46:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2E7C81-C0F5-4D36-9A23-03BE69295ED0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:intuity_audix:s3210:*:*:*:*:*:*:*",
"matchCriteriaId": "9D0EF4A3-2FE5-41E4-A764-30B379ECF081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:intuity_audix:s3400:*:*:*:*:*:*:*",
"matchCriteriaId": "CCF6D59E-8AEA-4380-B86B-0803B2202F16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:vsu:5:*:*:*:*:*:*:*",
"matchCriteriaId": "140ABF28-FA39-4D77-AEB2-304962ED48C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:vsu:5x:*:*:*:*:*:*:*",
"matchCriteriaId": "09473DD9-5114-44C5-B56C-6630FBEBCACB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:vsu:100_r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7ECD3A4-5A39-4222-8350-524F11D8FFB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:vsu:500:*:*:*:*:*:*:*",
"matchCriteriaId": "D36C140D-E80C-479A-ADA7-18E901549059",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:vsu:2000_r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "940712E9-B041-4B7F-BD02-7DD0AE596D65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:vsu:5000_r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "03B887A2-9025-4C5B-8901-71BC63BF5293",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:vsu:7500_r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "33264586-7160-4550-9FF9-4101D72F5C9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:vsu:10000_r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CE5E6521-0611-4473-82AC-21655F10FEC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:*:*:vsx-ng-ai:*:*:*:*:*",
"matchCriteriaId": "AA9A50A1-CA8C-4EE5-B68F-4958F6B4B028",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:2.0:*:gx:*:*:*:*:*",
"matchCriteriaId": "8C83ABA2-87CD-429B-9800-590F8256B064",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp0:*:*:*:*:*:*:*",
"matchCriteriaId": "A4D9A576-2878-4AC4-AC95-E69CB8A84A71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A1A0B02-CF33-401F-9AB2-D595E586C795",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp2:*:*:*:*:*:*:*",
"matchCriteriaId": "8C0EF3F0-B82E-45B7-8D05-05E76009F7A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "90FB3825-21A6-4DBE-8188-67672DBE01CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "80623E58-8B46-4559-89A4-C329AACF3CB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp2:*:*:*:*:*:*",
"matchCriteriaId": "AEE6C228-CD93-4636-868B-C19BC1674BE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp3:*:*:*:*:*:*",
"matchCriteriaId": "A645148C-AD0D-46C1-BEE3-10F5C9066279",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp4:*:*:*:*:*:*",
"matchCriteriaId": "0D69187C-7F46-4FF0-A8A0-0E1989EA79BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp0:*:*:*:*:*:*:*",
"matchCriteriaId": "4AE4A7EE-1BA3-46F1-BF4A-A72997EE0992",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp1:*:*:*:*:*:*:*",
"matchCriteriaId": "02029D75-FAF2-4842-9246-079C7DE36417",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp2:*:*:*:*:*:*:*",
"matchCriteriaId": "E0146341-364C-4085-A2E1-BC8C260FBA3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:vpn-1:vsx_ng_with_application_intelligence:*:*:*:*:*:*:*",
"matchCriteriaId": "B5EF01C8-1C8A-4BD1-A13B-CE31F09F9523",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:access_registrar:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8496E0D-2507-4C25-A122-0B846CBCA72A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_and_content_networking_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E383F2A-DFCF-47F8-94EE-3563D41EA597",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:css_secure_content_accelerator:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D2D87EF0-056E-4128-89EB-2803ED83DEE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:css_secure_content_accelerator:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BB3163C1-2044-44DA-9C88-076D75FDF1EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:css11000_content_services_switch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07E1B690-C58B-4C08-A757-F3DF451FDAAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:okena_stormwatch:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "31F0E14C-7681-4D1A-B982-A51E450B93A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:pix_firewall:6.2.2_.111:*:*:*:*:*:*:*",
"matchCriteriaId": "ECBC761F-A8F5-4CD8-B19C-5CE8FFC58FDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:threat_response:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF39E8B-C201-4940-81C9-14AF4C3DD4B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webns:6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "AC604680-2E9E-4DC4-ACDD-74D552A45BA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webns:6.10_b4:*:*:*:*:*:*:*",
"matchCriteriaId": "37A94436-D092-4C7E-B87B-63BC621EE82E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webns:7.1_0.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "862165CF-3CFB-4C6E-8238-86FA85F243C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webns:7.1_0.2.06:*:*:*:*:*:*:*",
"matchCriteriaId": "056F3336-BAA8-4A03-90B4-7B31710FC1B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webns:7.2_0.0.03:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDC2510-FBB9-429A-B6D4-10AB11F93960",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webns:7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5D45127E-A544-40A0-9D34-BD70D95C9772",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webns:7.10_.0.06s:*:*:*:*:*:*:*",
"matchCriteriaId": "56C69C3E-C895-45C8-8182-7BB412A0C828",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dell:bsafe_ssl-j:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A1FDD507-C38B-4C38-A54F-3DA6F07AD0B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dell:bsafe_ssl-j:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6F2B7AC2-CF08-4AC9-9A71-3A8130F9F9AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dell:bsafe_ssl-j:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4D9564B-B92E-4C97-87FF-B56D62DCA775",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:wbem:a.01.05.08:*:*:*:*:*:*:*",
"matchCriteriaId": "B931D4F8-23F5-4ABA-A457-959995D30C58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:wbem:a.02.00.00:*:*:*:*:*:*:*",
"matchCriteriaId": "BE6A023E-9C2A-487F-B5CE-674C766BFE75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:wbem:a.02.00.01:*:*:*:*:*:*:*",
"matchCriteriaId": "6A15ACA2-D500-4260-B51A-6FE6AB5A45A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2A045971-8756-47E8-9044-C39D08B36F1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CAA95881-7231-4FDA-AF73-04DF9FF0B64C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "62B7F6AD-EDBD-4B09-BDB2-795ED114F2AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F045AB7B-1551-46E5-A5CC-BF13C1BB49F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "44E85930-3AAD-420B-8E3E-AEC57344F6C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "52FD4485-BCA2-485A-A0CF-F8152C9DBFA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7CF53BE4-FE2D-4D63-BD0F-A423D0FE3BE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "00993464-BE09-4691-B3F0-51BBA9FB80C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2_rc2:*:*:*:*:*:*:*",
"matchCriteriaId": "896AB39E-2078-4BA2-9522-477BD5F98FD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EB9279EC-47CF-45F1-B4CC-B2B332E82E34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E7300C3E-8105-4C23-89B9-7D29CED18C15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "90C59DB2-48DA-4172-A1F5-25CF3B5097AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3_rc2:*:*:*:*:*:*:*",
"matchCriteriaId": "715F4E0B-7E4B-4520-A987-9B3ED3136B75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3_rc3:*:*:*:*:*:*:*",
"matchCriteriaId": "9CA1F606-C558-40FD-9300-6E2796F47BA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A037FAA6-6D26-4496-BC67-03475B4D1155",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D3831DD3-E783-4200-8986-FDBF7DD9BA53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2909C9D5-3D8F-4C41-B0E7-A0C0B432C19A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E09436DF-E3C1-4C03-A3BE-73C4BC84BB7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "699764B6-0F86-4AB0-86A3-4F2E69AD820C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7562ADC4-0D01-4FC2-98F0-1F4041BDA52E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E6FAB588-BDBE-4A04-AB9E-4F700A3951F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.5.12a:*:*:*:*:*:*:*",
"matchCriteriaId": "E1B83F84-D1EF-43B4-8620-3C1BCCE44553",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.5.27:*:*:*:*:*:*:*",
"matchCriteriaId": "41169D2F-4F16-466A-82E9-AD0735472B5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "947699C3-D9DE-411A-99C0-44ADD1D2223A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "15F668C0-8420-4401-AB0F-479575596CF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDCC7B6-34CA-4551-9833-306B93E517BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "6D69C160-39F7-48B8-B9A3-CC86690453C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "166BF638-ABDC-4BB9-BD4E-2B22681AD9CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:imanager:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8FA6420B-9F6A-48F4-A445-12B60A320347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*",
"matchCriteriaId": "0FCA45CE-4127-47AD-BBA8-8A6DD83AE1C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA1CA40-7DB5-4DCA-97A8-9A8CF4FECECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*",
"matchCriteriaId": "180D07AE-C571-4DD6-837C-43E2A946007A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*",
"matchCriteriaId": "BA3E4D2A-6488-4F8B-A3CA-4161A10FA4DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*",
"matchCriteriaId": "90789533-C741-4B1C-A24B-2C77B9E4DE5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*",
"matchCriteriaId": "1520065B-46D7-48A4-B9D0-5B49F690C5B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*",
"matchCriteriaId": "5B76FE2D-FBE0-4A3B-A0EA-179332D74F0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*",
"matchCriteriaId": "2AA526B9-726A-49D5-B3CA-EBE2DA303CA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*",
"matchCriteriaId": "494E48E7-EF86-4860-9A53-94F6C313746E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*",
"matchCriteriaId": "45A518E8-21BE-4C5C-B425-410AB1208E9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*",
"matchCriteriaId": "9E3AB748-E463-445C-ABAB-4FEDDFD1878B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*",
"matchCriteriaId": "660E4B8D-AABA-4520-BC4D-CF8E76E07C05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*",
"matchCriteriaId": "85BFEED5-4941-41BB-93D1-CD5C2A41290E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*",
"matchCriteriaId": "78E79A05-64F3-4397-952C-A5BB950C967D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*",
"matchCriteriaId": "7F7C9E77-1EB2-4720-A8FD-23DC1C877D5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*",
"matchCriteriaId": "549BB01D-F322-4FE3-BDA2-4FEA8ED8568A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openssl:0.9.6-15:*:i386:*:*:*:*:*",
"matchCriteriaId": "09F3FB7B-0F68-49F3-A3B7-977A687A42E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openssl:0.9.6b-3:*:i386:*:*:*:*:*",
"matchCriteriaId": "088F2FF7-96E5-455E-A35B-D99F9854EC6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386:*:*:*:*:*",
"matchCriteriaId": "FFA721BF-1B2E-479F-BF25-02D441BF175B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386_dev:*:*:*:*:*",
"matchCriteriaId": "AFEDCE49-21CC-4168-818F-4C638EE3B077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386_perl:*:*:*:*:*",
"matchCriteriaId": "B7D18F9B-C0BE-4DE8-81F4-5BF56C00BF41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "26430687-409B-448F-934B-06AB937DDF63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:servercluster:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8F0F78F4-E81E-4C6B-AB73-D6AAE191060E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:servercluster:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DF1A5808-6D5D-48AD-9470-5A6510D17913",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:1_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C1E8990D-D9A0-4A71-9D87-EC047E01B0D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:1_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6DBCC172-6867-4DFD-AAEF-9BDB4DA21F46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C2F2BEEA-46BB-4718-B0F3-B4EC62B678A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8D09E11C-C5BB-409E-BB0D-7F351250419B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6B06A05D-AA31-441D-9FC2-3558648C3B7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_securitycluster:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C0886901-6F93-44C1-B774-84D7E5D9554C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_securitycluster:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3F203A80-7C1E-4A04-8E99-63525E176753",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_webcluster:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CA0A204C-158B-4014-A53C-75E0CD63E0DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonebeat_webcluster:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "085BA581-7DA5-4FA4-A888-351281FD0A7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:1.5.17:*:*:*:*:*:*:*",
"matchCriteriaId": "EA1C4B3C-5701-4233-BA94-28915713F9C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:1.5.18:*:*:*:*:*:*:*",
"matchCriteriaId": "28D9F8D7-698A-486A-918A-7DB5CAFBB3CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:1.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D125C2A0-A4B5-48D6-A38A-54755C3FDF4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:1.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0F85F672-0F21-4AD7-8620-13D82F2ECC22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "89070041-613A-4F7B-BD6A-C6091D21FC52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:1.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D9A71933-4BD5-4B11-8B14-D997E75F29CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:1.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5B6BE11D-FC02-4950-A554-08CC9D8B1853",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A53FD0E1-9BAA-43F0-BCC9-0BE8D4356F55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B80ADAE8-94D4-46A4-A5ED-FF134D808B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "69FA0221-5073-4D45-950F-119497B53FED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C4AE5B43-7C90-4C2A-A215-30F5EC5841C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2CC1A110-B203-4962-8E1A-74BD98121AF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B5A92C4D-B024-4D39-9479-409C39586F64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "E7E0C4F5-CF02-4FF6-AE9B-5B6B70D5C067",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5E8998CC-E372-46D0-8339-47DC8D92D253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AF131FDC-BF8D-4A17-99F0-444EB900E83D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "880811B3-E78E-456E-972E-DE733F368576",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "22411F18-2B93-405A-A3B5-2CF0A04977C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate_vpn_client:1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C71188B7-E6DC-41E5-B619-367341113501",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate_vpn_client:1.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "07491444-0196-4504-A971-A5E388B86BBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "72BC6CD2-3291-4E69-8DC6-F3AB853F8931",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CD43EDDF-58A7-4705-B8C7-FD76C35A437D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A7C2E603-568F-40F6-9A7C-439E2A51B37F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "703421A7-E8C5-450B-97EF-FD9D99D4B834",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tarantella:tarantella_enterprise:3.20:*:*:*:*:*:*:*",
"matchCriteriaId": "9519BCB2-B401-44CE-97F6-847BB36AE45F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tarantella:tarantella_enterprise:3.30:*:*:*:*:*:*:*",
"matchCriteriaId": "BBE573E8-DD94-4293-99AE-27B9067B3ED9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tarantella:tarantella_enterprise:3.40:*:*:*:*:*:*:*",
"matchCriteriaId": "D14413DA-5199-4282-9E22-D347E9D8E469",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:gsx_server:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "05CC5F49-0E9E-45D8-827D-A5940566DB25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:gsx_server:2.0.1_build_2129:*:*:*:*:*:*:*",
"matchCriteriaId": "5D94EE19-6CE9-4E02-8174-D9954CDBF02B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:gsx_server:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4E4BEE3-AE7B-4481-B724-2E644E18ACC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:gsx_server:2.5.1_build_5336:*:*:*:*:*:*:*",
"matchCriteriaId": "EAAB7052-E0B6-472E-920B-A0F0AEA25D6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:gsx_server:3.0_build_7592:*:*:*:*:*:*:*",
"matchCriteriaId": "8CE38F15-BD42-4171-8670-86AA8169A60C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8300:r2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "20C0BD87-CE4B-49D2-89BE-EF282C43AD72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8300:r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C3E6C4A8-59F4-43EE-8413-E95289037598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8500:r2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FE76357A-27E6-4D85-9AA0-1BB658C41568",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8500:r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C56C5FDB-24E2-479D-87CA-164CD28567D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8700:r2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AEF6C16F-8EDF-4A24-BFEF-6A304D654EEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8700:r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D982AE39-BB57-49E7-B5FE-5EF1ADE2F019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:bluecoat:proxysg:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B6CFEC9-0F8F-4CD4-ABD1-E6533F910F7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12DE5E22-DF93-46BE-85A3-D4E04379E901",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:content_services_switch_11500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BF28C435-C036-4507-8E3F-44E722F9974A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:gss_4480_global_site_selector:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDA957E2-ABF9-49B2-874F-3FC3060CE0B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:gss_4490_global_site_selector:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5F2CDFE7-6853-4A31-85C0-50C57A8D606A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:mds_9000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0F2ED90B-DDBA-49DE-AC78-20E7D77C8858",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:secure_content_accelerator:10000:*:*:*:*:*:*:*",
"matchCriteriaId": "408A9DB0-81EF-4186-B338-44954E67289B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5B0C5F92-7E93-4C3F-B22B-E6612A4D3E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.0.01:*:*:*:*:*:*:*",
"matchCriteriaId": "2D0DC4B4-9AD9-4AC8-BFA7-A3D209B5D089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.0.02:*:*:*:*:*:*:*",
"matchCriteriaId": "303362A5-9C3C-4C85-8C97-2AB12CE01BF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.0.03:*:*:*:*:*:*:*",
"matchCriteriaId": "FED22DC1-E06B-4511-B920-6DAB792262D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.0.04:*:*:*:*:*:*:*",
"matchCriteriaId": "4CE44CA7-4BC7-4C2B-948F-2ACABB91528B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F757B2A7-869F-4702-81EB-466317A79D61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "01F6E9A9-6C85-48DA-BC61-55F8EACCB59F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:sun:crypto_accelerator_4000:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "64AF1E33-4086-43E2-8F54-DA75A99D4B75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:bluecoat:cacheos_ca_sa:4.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "53D16F03-A4C7-4497-AB74-499F208FF059",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:bluecoat:cacheos_ca_sa:4.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "13A33EC1-836B-4C8C-AC18-B5BD4F90E612",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "58BE9C02-2A01-4F6F-A6BD-BC0173561E9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C558CED8-8342-46CB-9F52-580B626D320E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0F85D19E-6C26-429D-B876-F34238B9DAAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FEC7CCF7-CBC6-4EDC-8EDD-884DFFFBCC7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E5011A33-CD6D-4EFC-ACFD-E51C9AE726A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(4.101\\):*:*:*:*:*:*:*",
"matchCriteriaId": "09063867-0E64-4630-B35B-4CCA348E4DAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78F98CD7-A352-483C-9968-8FB2627A7CBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F97FE485-705F-4707-B6C6-0EF9E8A85D5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E2B925E8-D2C2-4E8C-AC21-0C422245C482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B9170562-872E-4C32-869C-B10FF35A925E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D0927A68-8BB2-4F03-8396-E9CACC158FC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "559DDBA3-2AF4-4A0C-B219-6779BA931F21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ED9D142A-DDC8-4BD6-8C22-F242C9C0B1ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5226C9CC-6933-4F10-B426-B47782C606FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "757DAE9A-B25D-4B8A-A41B-66C2897B537E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5E3DC170-E279-4725-B9EE-6840B5685CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(3.100\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8091EDA9-BD18-47F7-8CEC-E086238647C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6F867890-74A4-4892-B99A-27DB4603B873",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CE05B514-F094-4632-B25B-973F976F6409",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3392428D-1A85-4472-A276-C482A78E2CE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(3.102\\):*:*:*:*:*:*:*",
"matchCriteriaId": "40954985-16E6-4F37-B014-6A55166AE093",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(3.109\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0C097809-1FEF-4417-A201-42291CC29122",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference."
},
{
"lang": "es",
"value": "La funci\u00f3n do_change_cipher_spec en OpenSSL 0.9.6c hasta 0.9.6.k y 0.9.7a hasta 0.9.7c permite que atacantes remotos provoquen una denegaci\u00f3n de servicio (ca\u00edda) mediante una h\u00e1bil uni\u00f3n SSL/TLS que provoca un puntero nulo."
}
],
"id": "CVE-2004-0079",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2004-11-23T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://docs.info.apple.com/article.html?artnum=61798"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/11139"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/17381"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/17398"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/17401"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/18247"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200403-03.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://support.lexmark.com/index?page=content\u0026id=TE88\u0026locale=EN\u0026userlocale=EN_US"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.ciac.org/ciac/bulletins/o-101.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2004/dsa-465"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/288574"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.openssl.org/news/secadv_20040317.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-120.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-121.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-139.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-829.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-830.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9899"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.trustix.org/errata/2004/0012"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15505"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2621"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5770"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A870"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A975"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9779"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://docs.info.apple.com/article.html?artnum=61798"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/11139"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/17381"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/17398"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/17401"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/18247"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200403-03.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://support.lexmark.com/index?page=content\u0026id=TE88\u0026locale=EN\u0026userlocale=EN_US"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.ciac.org/ciac/bulletins/o-101.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2004/dsa-465"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/288574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.openssl.org/news/secadv_20040317.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-120.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-121.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-139.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-829.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-830.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9899"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.trustix.org/errata/2004/0012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15505"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2621"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5770"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A870"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A975"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9779"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
"lastModified": "2007-03-14T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-12-03 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
Integer overflow in Novell eDirectory 8.7.3.x before 8.7.3.10 ftf2 and 8.8.x before 8.8.5.2 allows remote attackers to execute arbitrary code via an NDS Verb 0x1 request containing a large integer value that triggers a heap-based buffer overflow.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | edirectory | 8.7.3 | |
| novell | edirectory | 8.7.3 | |
| novell | edirectory | 8.7.3 | |
| novell | edirectory | 8.7.3 | |
| novell | edirectory | 8.7.3 | |
| novell | edirectory | 8.7.3 | |
| novell | edirectory | 8.7.3 | |
| novell | edirectory | 8.7.3 | |
| novell | edirectory | 8.7.3 | |
| novell | edirectory | 8.7.3 | |
| novell | edirectory | 8.7.3.8 | |
| novell | edirectory | 8.7.3.9 | |
| novell | edirectory | 8.7.3.10 | |
| novell | edirectory | 8.8 | |
| novell | edirectory | 8.8 | |
| novell | edirectory | 8.8 | |
| novell | edirectory | 8.8 | |
| novell | edirectory | 8.8 | |
| novell | edirectory | 8.8.1 | |
| novell | edirectory | 8.8.2 | |
| novell | edirectory | 8.8.2 | |
| novell | edirectory | 8.8.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "029ADE6D-6761-4196-847C-A0EFB3A06341",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp10:*:*:*:*:*:*",
"matchCriteriaId": "6F8E26AA-2F13-4E02-967F-5675C402B969",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp10:ftf1:*:*:*:*:*",
"matchCriteriaId": "50A97C1A-2DCE-4F85-A177-1CEA84C943EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp10_b:*:*:*:*:*:*",
"matchCriteriaId": "D793787E-2CFB-4822-85ED-0BB79D3FFF95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp3:*:*:*:*:*:*",
"matchCriteriaId": "9A38C607-73EA-4785-97FC-3D6013DC2981",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp3:ftf1:*:*:*:*:*",
"matchCriteriaId": "D5BD6876-7210-4BEB-B7AA-D244135365D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp4:*:*:*:*:*:*",
"matchCriteriaId": "05979B3C-5275-43F4-9B45-865D1E22297E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp4:ftf1:*:*:*:*:*",
"matchCriteriaId": "718BDE90-B390-4CE8-BDB9-9C6FBEFE14CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp5:*:*:*:*:*:*",
"matchCriteriaId": "6675EC25-306B-45B1-92C4-9528FA54A215",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp5:ftf1:*:*:*:*:*",
"matchCriteriaId": "9D98C9A0-47D5-4999-943C-3505C6FB6F97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9E8D4976-BAE9-4A83-9DF6-9436C54E8413",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A626A123-E33A-445F-93A2-8FA3B2E3E53A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "896C7671-E300-4E6D-86A3-D0DAF4168CC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D7548D05-AD2B-46C3-9036-366585FFCB48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:sp1:*:*:*:*:*:*",
"matchCriteriaId": "03D34570-657E-48D5-B778-9510C3D0FF7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:sp2:*:*:*:*:*:*",
"matchCriteriaId": "2EA7ED79-2E4E-4BE0-B167-31BB6311A506",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:sp3:ftf3:*:*:*:*:*",
"matchCriteriaId": "E263D9A0-CAC3-4009-9F5B-8EA7365B28AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:sp4:*:*:*:*:*:*",
"matchCriteriaId": "A78EBF3A-4073-41D2-BD52-E598318D4996",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C13882AD-D700-4B95-9BB2-B3E0D104B227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FDCB14-9380-42C3-A6EE-3E6AEA3F52F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.2:*:ftf1:*:*:*:*:*",
"matchCriteriaId": "029E2F2F-CFC0-4C35-956C-703264AF3E82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.5:*:ftf1:*:*:*:*:*",
"matchCriteriaId": "57A31BFD-F2AA-4FCD-A661-706B5CFE2CDC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in Novell eDirectory 8.7.3.x before 8.7.3.10 ftf2 and 8.8.x before 8.8.5.2 allows remote attackers to execute arbitrary code via an NDS Verb 0x1 request containing a large integer value that triggers a heap-based buffer overflow."
},
{
"lang": "es",
"value": "Desbordamiento de entero en Novell eDirectory v8.7.3.x anteriores a v8.7.3.10 ftf2 y v8.8.x anteriores a v8.8.5.2 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de la peticion NDS 0x1 conteniendo un valor de entero largo que inicia un desbordamiento de b\u00fafer basado en pila."
}
],
"id": "CVE-2009-0895",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-12-03T17:30:00.407",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37554"
},
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/threats/356.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=7004912"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/37184"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/3379"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=524344"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=545887"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50616"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37554"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/threats/356.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=7004912"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/37184"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/3379"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=524344"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=545887"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50616"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-10-14 22:36
Modified
2025-04-09 00:30
Severity ?
Summary
Multiple integer overflows in dhost.exe in Novell eDirectory 8.8 before 8.8.3, and 8.73 before 8.7.3.10 ftf1, allow remote attackers to execute arbitrary code via a crafted (1) Content-Length header in a SOAP request or (2) Netware Core Protocol opcode 0x0F message, which triggers a heap-based buffer overflow.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | edirectory | * | |
| novell | edirectory | 8.7 | |
| novell | edirectory | 8.7.1 | |
| novell | edirectory | 8.7.1 | |
| novell | edirectory | 8.7.3 | |
| novell | edirectory | 8.7.3.8 | |
| novell | edirectory | 8.7.3.8_presp9 | |
| novell | edirectory | 8.7.3.9 | |
| novell | edirectory | 8.7.3.9 | |
| novell | edirectory | 8.7.3.9 | |
| novell | edirectory | 8.7.3.9 | |
| novell | edirectory | 8.7.3.9 | |
| novell | edirectory | 8.8 | |
| novell | edirectory | 8.8 | |
| novell | edirectory | 8.8 | |
| novell | edirectory | 8.8 | |
| novell | edirectory | 8.8 | |
| novell | edirectory | 8.8.1 | |
| novell | edirectory | 8.8.1 | |
| novell | edirectory | 8.8.1 | |
| novell | edirectory | 8.8.1 | |
| novell | edirectory | 8.8.1 | |
| novell | edirectory | 8.8.2 | |
| novell | edirectory | 8.8.2 | |
| novell | edirectory | 8.8.2 | |
| novell | edirectory | 8.8.2 | |
| novell | edirectory | 8.8.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:edirectory:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ABCFB5DD-D24D-4C3B-9188-C264D9AC0B93",
"versionEndIncluding": "8.7.3.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "15F668C0-8420-4401-AB0F-479575596CF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDCC7B6-34CA-4551-9833-306B93E517BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "6D69C160-39F7-48B8-B9A3-CC86690453C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "029ADE6D-6761-4196-847C-A0EFB3A06341",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9E8D4976-BAE9-4A83-9DF6-9436C54E8413",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.8_presp9:*:*:*:*:*:*:*",
"matchCriteriaId": "D27AAA23-21E1-4C35-97FA-7F038E2C8923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A626A123-E33A-445F-93A2-8FA3B2E3E53A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.9:*:linux:*:*:*:*:*",
"matchCriteriaId": "6658D417-B666-400A-89BD-C74A84E4EC9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.9:*:solaris:*:*:*:*:*",
"matchCriteriaId": "A5286A48-E77F-4D5F-8B8C-D701B9DC1819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.9:*:windows_2000:*:*:*:*:*",
"matchCriteriaId": "A18AD730-2782-4BC3-8B2E-D35D29EBC699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.9:*:windows_2003:*:*:*:*:*",
"matchCriteriaId": "36699D76-090F-4ED3-9C02-A09EB68F5CB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D7548D05-AD2B-46C3-9036-366585FFCB48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:*:linux:*:*:*:*:*",
"matchCriteriaId": "9775274E-21A5-466E-B792-54F53ECCD8F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:*:solaris:*:*:*:*:*",
"matchCriteriaId": "1CE0CDA6-DFF5-45F7-A641-180AED4F074D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:*:windows_2000:*:*:*:*:*",
"matchCriteriaId": "B490E624-9A8E-4AD2-9B6F-BFDA431CD77D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8:*:windows_2003:*:*:*:*:*",
"matchCriteriaId": "4747583B-125F-423F-863F-5CBC4CB46C9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C13882AD-D700-4B95-9BB2-B3E0D104B227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.1:*:linux:*:*:*:*:*",
"matchCriteriaId": "F2AD4208-DD3E-427E-ADF8-5C59C59EDC15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.1:*:solaris:*:*:*:*:*",
"matchCriteriaId": "BEE923F3-28AB-4C29-A920-F363F415CBE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.1:*:windows_2000:*:*:*:*:*",
"matchCriteriaId": "F4DB1610-FDB3-432C-8AD7-C667DCAA29D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.1:*:windows_2003:*:*:*:*:*",
"matchCriteriaId": "30ABEC83-326A-4888-BFC7-3A40BC2E2CAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FDCB14-9380-42C3-A6EE-3E6AEA3F52F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.2:*:linux:*:*:*:*:*",
"matchCriteriaId": "762D694C-7942-4265-BF99-1DE9F3BC9128",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.2:*:solaris:*:*:*:*:*",
"matchCriteriaId": "20851E26-511C-41B2-A3BF-4E4A083A73F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.2:*:windows_2000:*:*:*:*:*",
"matchCriteriaId": "57A9A26E-0FB6-4766-9C7E-CB82551BC9C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:edirectory:8.8.2:*:windows_2003:*:*:*:*:*",
"matchCriteriaId": "7CD4DD41-AD88-4AB2-BAC2-2B59AECA16BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in dhost.exe in Novell eDirectory 8.8 before 8.8.3, and 8.73 before 8.7.3.10 ftf1, allow remote attackers to execute arbitrary code via a crafted (1) Content-Length header in a SOAP request or (2) Netware Core Protocol opcode 0x0F message, which triggers a heap-based buffer overflow."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de entero en dhost.exe en Novell eDirectory v8.8 anterior a v8.8.3, y v8.73 anterior a v8.7.3.10 ftf1, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de (1) una cabecera \"Content-Length\" manipulada en una petici\u00f3n SOAP o (2) mediante un mensaje Netware Core Protocol opcode 0x0F, que lanza un desbordamiento de b\u00fafer basado en mont\u00edculo."
}
],
"id": "CVE-2008-4478",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-10-14T22:36:53.587",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/32111"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/4406"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037180.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037181.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.novell.com/support/php/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=7000087\u0026sliceId=1\u0026docTypeID=DT_TID_1_1\u0026dialogID=78066829\u0026stateId=0%200%2078062953"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.novell.com/support/php/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=7001184\u0026sliceId=1\u0026docTypeID=DT_TID_1_1\u0026dialogID=78066829\u0026stateId=0%200%2078062953"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/497163/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/497165/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1020989"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1020990"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/2738"
},
{
"source": "cve@mitre.org",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-063"
},
{
"source": "cve@mitre.org",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-065"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45628"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/32111"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/4406"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037180.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037181.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.novell.com/support/php/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=7000087\u0026sliceId=1\u0026docTypeID=DT_TID_1_1\u0026dialogID=78066829\u0026stateId=0%200%2078062953"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.novell.com/support/php/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=7001184\u0026sliceId=1\u0026docTypeID=DT_TID_1_1\u0026dialogID=78066829\u0026stateId=0%200%2078062953"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/497163/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/497165/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1020989"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1020990"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2738"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-063"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-065"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45628"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2006-4520 (GCVE-0-2006-4520)
Vulnerability from cvelistv5
Published
2007-04-30 22:00
Modified
2024-08-07 19:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
ncp in Novell eDirectory before 8.7.3 SP9, and 8.8.x before 8.8.1 FTF2, does not properly handle NCP fragments with a negative length, which allows remote attackers to cause a denial of service (daemon crash) when the heap is written to a log file.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:14:47.459Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-1550",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1550"
},
{
"name": "20070426 Novell eDirectory NCP Fragment Denial of Service Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=518"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/support/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=3924657\u0026sliceId=SAL_Public"
},
{
"name": "1017972",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017972"
},
{
"name": "23685",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23685"
},
{
"name": "novell-edirectory-ncp-dos(33921)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33921"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ncp in Novell eDirectory before 8.7.3 SP9, and 8.8.x before 8.8.1 FTF2, does not properly handle NCP fragments with a negative length, which allows remote attackers to cause a denial of service (daemon crash) when the heap is written to a log file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-1550",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1550"
},
{
"name": "20070426 Novell eDirectory NCP Fragment Denial of Service Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=518"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/support/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=3924657\u0026sliceId=SAL_Public"
},
{
"name": "1017972",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017972"
},
{
"name": "23685",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23685"
},
{
"name": "novell-edirectory-ncp-dos(33921)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33921"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4520",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ncp in Novell eDirectory before 8.7.3 SP9, and 8.8.x before 8.8.1 FTF2, does not properly handle NCP fragments with a negative length, which allows remote attackers to cause a denial of service (daemon crash) when the heap is written to a log file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-1550",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1550"
},
{
"name": "20070426 Novell eDirectory NCP Fragment Denial of Service Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=518"
},
{
"name": "http://www.novell.com/support/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=3924657\u0026sliceId=SAL_Public",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=3924657\u0026sliceId=SAL_Public"
},
{
"name": "1017972",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017972"
},
{
"name": "23685",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23685"
},
{
"name": "novell-edirectory-ncp-dos(33921)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33921"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4520",
"datePublished": "2007-04-30T22:00:00",
"dateReserved": "2006-08-31T00:00:00",
"dateUpdated": "2024-08-07T19:14:47.459Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5747 (GCVE-0-2016-5747)
Vulnerability from cvelistv5
Published
2017-03-23 06:36
Modified
2024-08-06 01:08
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- predictable cookies
Summary
A security vulnerability in cookie handling in the http stack implementation in NDSD in Novell eDirectory before 9.0.1 allows remote attackers to bypass intended access restrictions by leveraging predictable cookies.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Novell eDirectory |
Version: Novell eDirectory |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:08:00.805Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.novell.com/support/kb/doc.php?id=7016794"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Novell eDirectory",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Novell eDirectory"
}
]
}
],
"datePublic": "2017-03-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A security vulnerability in cookie handling in the http stack implementation in NDSD in Novell eDirectory before 9.0.1 allows remote attackers to bypass intended access restrictions by leveraging predictable cookies."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "predictable cookies",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:37",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.novell.com/support/kb/doc.php?id=7016794"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2016-5747",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Novell eDirectory",
"version": {
"version_data": [
{
"version_value": "Novell eDirectory"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A security vulnerability in cookie handling in the http stack implementation in NDSD in Novell eDirectory before 9.0.1 allows remote attackers to bypass intended access restrictions by leveraging predictable cookies."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "predictable cookies"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.novell.com/support/kb/doc.php?id=7016794",
"refsource": "CONFIRM",
"url": "https://www.novell.com/support/kb/doc.php?id=7016794"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2016-5747",
"datePublished": "2017-03-23T06:36:00",
"dateReserved": "2016-06-23T00:00:00",
"dateUpdated": "2024-08-06T01:08:00.805Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4185 (GCVE-0-2006-4185)
Vulnerability from cvelistv5
Published
2006-08-17 00:00
Modified
2024-08-07 18:57
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in the NCPENGINE in Novell eDirectory 8.7.3.8 allows local users to cause a denial of service (CPU consumption) via unspecified vectors, as originally demonstrated using a Nessus scan.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:57:46.473Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2973826.htm"
},
{
"name": "19498",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19498"
},
{
"name": "1016695",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016695"
},
{
"name": "21496",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21496"
},
{
"name": "28369",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/28369"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-08-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the NCPENGINE in Novell eDirectory 8.7.3.8 allows local users to cause a denial of service (CPU consumption) via unspecified vectors, as originally demonstrated using a Nessus scan."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-09-07T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2973826.htm"
},
{
"name": "19498",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19498"
},
{
"name": "1016695",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016695"
},
{
"name": "21496",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21496"
},
{
"name": "28369",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/28369"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4185",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the NCPENGINE in Novell eDirectory 8.7.3.8 allows local users to cause a denial of service (CPU consumption) via unspecified vectors, as originally demonstrated using a Nessus scan."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2973826.htm",
"refsource": "CONFIRM",
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2973826.htm"
},
{
"name": "19498",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19498"
},
{
"name": "1016695",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016695"
},
{
"name": "21496",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21496"
},
{
"name": "28369",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/28369"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4185",
"datePublished": "2006-08-17T00:00:00",
"dateReserved": "2006-08-16T00:00:00",
"dateUpdated": "2024-08-07T18:57:46.473Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-5092 (GCVE-0-2008-5092)
Vulnerability from cvelistv5
Published
2008-11-14 19:00
Modified
2024-08-07 10:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Heap-based buffer overflows in Novell eDirectory HTTP protocol stack (HTTPSTK) before 8.8 SP3 have unknown impact and attack vectors related to the (1) HTTP language header and (2) HTTP content-length header.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:40:17.147Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "30947",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30947"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"name": "1020786",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020786"
},
{
"name": "ADV-2008-2462",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2462"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-08-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflows in Novell eDirectory HTTP protocol stack (HTTPSTK) before 8.8 SP3 have unknown impact and attack vectors related to the (1) HTTP language header and (2) HTTP content-length header."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-08-19T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "30947",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30947"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"name": "1020786",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020786"
},
{
"name": "ADV-2008-2462",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2462"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-5092",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflows in Novell eDirectory HTTP protocol stack (HTTPSTK) before 8.8 SP3 have unknown impact and attack vectors related to the (1) HTTP language header and (2) HTTP content-length header."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "30947",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30947"
},
{
"name": "http://www.novell.com/support/viewContent.do?externalId=3426981",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"name": "1020786",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020786"
},
{
"name": "ADV-2008-2462",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2462"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-5092",
"datePublished": "2008-11-14T19:00:00",
"dateReserved": "2008-11-14T00:00:00",
"dateUpdated": "2024-08-07T10:40:17.147Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-1729 (GCVE-0-2005-1729)
Vulnerability from cvelistv5
Published
2005-06-20 04:00
Modified
2024-08-07 21:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Novell eDirectory 8.7.3 allows remote attackers to cause a denial of service (application crash) via a URL containing an MS-DOS device name such as AUX, CON, PRN, COM1, or LPT1.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:59:24.054Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1014177",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1014177"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10097766.htm"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.cirt.dk/advisories/cirt-33-advisory.pdf"
},
{
"name": "20050612 [CIRT.DK - Advisory] Novell eDirectory 8.7.3 DOS Device name Denial of Service",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-June/034536.html"
},
{
"name": "15676",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/15676"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-06-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Novell eDirectory 8.7.3 allows remote attackers to cause a denial of service (application crash) via a URL containing an MS-DOS device name such as AUX, CON, PRN, COM1, or LPT1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-01-12T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1014177",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1014177"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10097766.htm"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.cirt.dk/advisories/cirt-33-advisory.pdf"
},
{
"name": "20050612 [CIRT.DK - Advisory] Novell eDirectory 8.7.3 DOS Device name Denial of Service",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-June/034536.html"
},
{
"name": "15676",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/15676"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-1729",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Novell eDirectory 8.7.3 allows remote attackers to cause a denial of service (application crash) via a URL containing an MS-DOS device name such as AUX, CON, PRN, COM1, or LPT1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1014177",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1014177"
},
{
"name": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10097766.htm",
"refsource": "CONFIRM",
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10097766.htm"
},
{
"name": "http://www.cirt.dk/advisories/cirt-33-advisory.pdf",
"refsource": "MISC",
"url": "http://www.cirt.dk/advisories/cirt-33-advisory.pdf"
},
{
"name": "20050612 [CIRT.DK - Advisory] Novell eDirectory 8.7.3 DOS Device name Denial of Service",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-June/034536.html"
},
{
"name": "15676",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/15676"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-1729",
"datePublished": "2005-06-20T04:00:00",
"dateReserved": "2005-05-24T00:00:00",
"dateUpdated": "2024-08-07T21:59:24.054Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-5212 (GCVE-0-2014-5212)
Vulnerability from cvelistv5
Published
2014-12-19 18:00
Modified
2024-08-06 11:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cross-site scripting (XSS) vulnerability in nds/search/data in iMonitor in Novell eDirectory before 8.8 SP8 Patch 4 allows remote attackers to inject arbitrary web script or HTML via the rdn parameter.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:41:47.820Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=904134"
},
{
"name": "20141219 SEC Consult SA-20141219-0 :: XSS \u0026 Memory Disclosure vulnerabilities in NetIQ eDirectory NDS iMonitor",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/534284"
},
{
"name": "1031408",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031408"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20141219-0_NetIQ_eDirectory_iMonitor_XSS_Memory_Disclosure_v10.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.novell.com/support/kb/doc.php?id=3426981"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-12-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in nds/search/data in iMonitor in Novell eDirectory before 8.8 SP8 Patch 4 allows remote attackers to inject arbitrary web script or HTML via the rdn parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-01-20T16:57:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=904134"
},
{
"name": "20141219 SEC Consult SA-20141219-0 :: XSS \u0026 Memory Disclosure vulnerabilities in NetIQ eDirectory NDS iMonitor",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/534284"
},
{
"name": "1031408",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031408"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20141219-0_NetIQ_eDirectory_iMonitor_XSS_Memory_Disclosure_v10.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.novell.com/support/kb/doc.php?id=3426981"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-5212",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in nds/search/data in iMonitor in Novell eDirectory before 8.8 SP8 Patch 4 allows remote attackers to inject arbitrary web script or HTML via the rdn parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=904134",
"refsource": "CONFIRM",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=904134"
},
{
"name": "20141219 SEC Consult SA-20141219-0 :: XSS \u0026 Memory Disclosure vulnerabilities in NetIQ eDirectory NDS iMonitor",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/534284"
},
{
"name": "1031408",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031408"
},
{
"name": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20141219-0_NetIQ_eDirectory_iMonitor_XSS_Memory_Disclosure_v10.txt",
"refsource": "MISC",
"url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20141219-0_NetIQ_eDirectory_iMonitor_XSS_Memory_Disclosure_v10.txt"
},
{
"name": "https://www.novell.com/support/kb/doc.php?id=3426981",
"refsource": "CONFIRM",
"url": "https://www.novell.com/support/kb/doc.php?id=3426981"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-5212",
"datePublished": "2014-12-19T18:00:00",
"dateReserved": "2014-08-13T00:00:00",
"dateUpdated": "2024-08-06T11:41:47.820Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1552 (GCVE-0-2002-1552)
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 03:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Novell eDirectory (eDir) 8.6.2 and Netware 5.1 eDir 85.x allows users with expired passwords to gain inappropriate permissions when logging in from Remote Manager.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:26:28.694Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20021112 NOVL-2002-2963827 - Remote Manager Security Issue - NW5.1",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103712790808781\u0026w=2"
},
{
"name": "novell-edirectory-expired-accounts(10604)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10604"
},
{
"name": "20021112 NOVL-2002-2963767 - Remote Manager Security Issue - eDir 8.6.2",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103712498905027\u0026w=2"
},
{
"name": "6163",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6163"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-11-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Novell eDirectory (eDir) 8.6.2 and Netware 5.1 eDir 85.x allows users with expired passwords to gain inappropriate permissions when logging in from Remote Manager."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-08-11T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20021112 NOVL-2002-2963827 - Remote Manager Security Issue - NW5.1",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103712790808781\u0026w=2"
},
{
"name": "novell-edirectory-expired-accounts(10604)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10604"
},
{
"name": "20021112 NOVL-2002-2963767 - Remote Manager Security Issue - eDir 8.6.2",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103712498905027\u0026w=2"
},
{
"name": "6163",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6163"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1552",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Novell eDirectory (eDir) 8.6.2 and Netware 5.1 eDir 85.x allows users with expired passwords to gain inappropriate permissions when logging in from Remote Manager."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20021112 NOVL-2002-2963827 - Remote Manager Security Issue - NW5.1",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=103712790808781\u0026w=2"
},
{
"name": "novell-edirectory-expired-accounts(10604)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10604"
},
{
"name": "20021112 NOVL-2002-2963767 - Remote Manager Security Issue - eDir 8.6.2",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=103712498905027\u0026w=2"
},
{
"name": "6163",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6163"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1552",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2003-03-04T00:00:00",
"dateUpdated": "2024-08-08T03:26:28.694Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-5094 (GCVE-0-2008-5094)
Vulnerability from cvelistv5
Published
2008-11-14 19:00
Modified
2024-08-07 10:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Heap-based buffer overflow in the NDS Service in Novell eDirectory before 8.8 SP3 has unknown impact and attack vectors.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:40:17.038Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "30947",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30947"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"name": "1020787",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020787"
},
{
"name": "ADV-2008-2462",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2462"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-08-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the NDS Service in Novell eDirectory before 8.8 SP3 has unknown impact and attack vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-08-19T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "30947",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30947"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"name": "1020787",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020787"
},
{
"name": "ADV-2008-2462",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2462"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-5094",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the NDS Service in Novell eDirectory before 8.8 SP3 has unknown impact and attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "30947",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30947"
},
{
"name": "http://www.novell.com/support/viewContent.do?externalId=3426981",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"name": "1020787",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020787"
},
{
"name": "ADV-2008-2462",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2462"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-5094",
"datePublished": "2008-11-14T19:00:00",
"dateReserved": "2008-11-14T00:00:00",
"dateUpdated": "2024-08-07T10:40:17.038Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-5093 (GCVE-0-2008-5093)
Vulnerability from cvelistv5
Published
2008-11-14 19:00
Modified
2024-08-07 10:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cross-site scripting (XSS) vulnerability in the HTTP Protocol Stack (HTTPSTK) in Novell eDirectory before 8.8 SP3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:40:17.021Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "30947",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30947"
},
{
"name": "novell-edirectory-httpstk-xss(46667)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46667"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"name": "1020785",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020785"
},
{
"name": "ADV-2008-2462",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2462"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-08-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the HTTP Protocol Stack (HTTPSTK) in Novell eDirectory before 8.8 SP3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "30947",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30947"
},
{
"name": "novell-edirectory-httpstk-xss(46667)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46667"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"name": "1020785",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020785"
},
{
"name": "ADV-2008-2462",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2462"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-5093",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the HTTP Protocol Stack (HTTPSTK) in Novell eDirectory before 8.8 SP3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "30947",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30947"
},
{
"name": "novell-edirectory-httpstk-xss(46667)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46667"
},
{
"name": "http://www.novell.com/support/viewContent.do?externalId=3426981",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"name": "1020785",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020785"
},
{
"name": "ADV-2008-2462",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2462"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-5093",
"datePublished": "2008-11-14T19:00:00",
"dateReserved": "2008-11-14T00:00:00",
"dateUpdated": "2024-08-07T10:40:17.021Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5814 (GCVE-0-2006-5814)
Vulnerability from cvelistv5
Published
2006-11-08 23:00
Modified
2024-08-07 20:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Novell eDirectory allows remote attackers to execute arbitrary code, as demonstrated by vd_novell.pm, a "Novell eDirectory remote exploit." NOTE: As of 20061108, this disclosure has no actionable information. However, since it is from a reliable researcher, it is being assigned a CVE identifier for tracking purposes.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:04:55.483Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://gleg.net/vulndisco_meta.shtml"
},
{
"name": "1017169",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017169"
},
{
"name": "novell-edirectory-code-execution(30150)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30150"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-11-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Novell eDirectory allows remote attackers to execute arbitrary code, as demonstrated by vd_novell.pm, a \"Novell eDirectory remote exploit.\" NOTE: As of 20061108, this disclosure has no actionable information. However, since it is from a reliable researcher, it is being assigned a CVE identifier for tracking purposes."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://gleg.net/vulndisco_meta.shtml"
},
{
"name": "1017169",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017169"
},
{
"name": "novell-edirectory-code-execution(30150)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30150"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5814",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Novell eDirectory allows remote attackers to execute arbitrary code, as demonstrated by vd_novell.pm, a \"Novell eDirectory remote exploit.\" NOTE: As of 20061108, this disclosure has no actionable information. However, since it is from a reliable researcher, it is being assigned a CVE identifier for tracking purposes."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://gleg.net/vulndisco_meta.shtml",
"refsource": "MISC",
"url": "http://gleg.net/vulndisco_meta.shtml"
},
{
"name": "1017169",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017169"
},
{
"name": "novell-edirectory-code-execution(30150)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30150"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5814",
"datePublished": "2006-11-08T23:00:00",
"dateReserved": "2006-11-08T00:00:00",
"dateUpdated": "2024-08-07T20:04:55.483Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-0925 (GCVE-0-2008-0925)
Vulnerability from cvelistv5
Published
2008-06-18 19:29
Modified
2024-08-07 08:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cross-site scripting (XSS) vulnerability in the iMonitor interface in Novell eDirectory 8.7.3.x before 8.7.3 sp10, and 8.8.x before 8.8.2 ftf2, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters that are used within "error messages of the HTTP stack."
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:01:40.072Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2008-1863",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1863/references"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037181.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3460217\u0026sliceId=1"
},
{
"name": "30748",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30748"
},
{
"name": "novell-edirectory-imonitor-xss(43151)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43151"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037180.html"
},
{
"name": "29782",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29782"
},
{
"name": "1020321",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1020321"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-06-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the iMonitor interface in Novell eDirectory 8.7.3.x before 8.7.3 sp10, and 8.8.x before 8.8.2 ftf2, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters that are used within \"error messages of the HTTP stack.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2008-1863",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1863/references"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037181.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3460217\u0026sliceId=1"
},
{
"name": "30748",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30748"
},
{
"name": "novell-edirectory-imonitor-xss(43151)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43151"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037180.html"
},
{
"name": "29782",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29782"
},
{
"name": "1020321",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1020321"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-0925",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the iMonitor interface in Novell eDirectory 8.7.3.x before 8.7.3 sp10, and 8.8.x before 8.8.2 ftf2, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters that are used within \"error messages of the HTTP stack.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2008-1863",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1863/references"
},
{
"name": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037181.html",
"refsource": "CONFIRM",
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037181.html"
},
{
"name": "http://www.novell.com/support/viewContent.do?externalId=3460217\u0026sliceId=1",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/viewContent.do?externalId=3460217\u0026sliceId=1"
},
{
"name": "30748",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30748"
},
{
"name": "novell-edirectory-imonitor-xss(43151)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43151"
},
{
"name": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037180.html",
"refsource": "CONFIRM",
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037180.html"
},
{
"name": "29782",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29782"
},
{
"name": "1020321",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1020321"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-0925",
"datePublished": "2008-06-18T19:29:00",
"dateReserved": "2008-02-25T00:00:00",
"dateUpdated": "2024-08-07T08:01:40.072Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-4653 (GCVE-0-2009-4653)
Vulnerability from cvelistv5
Published
2010-02-26 18:09
Modified
2024-08-07 07:08
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Stack-based buffer overflow in the dhost module in Novell eDirectory 8.8 SP5 for Windows allows remote authenticated users to cause a denial of service (dhost.exe crash) and possibly execute arbitrary code via a long string to /dhost/modules?I:.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:08:38.095Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "37009",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/37009"
},
{
"name": "20091112 Novell eDirectory 8.8 SP5 Denial of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/507812/100/0/threaded"
},
{
"name": "edirectory-modulesi-bo(54264)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54264"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-11-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the dhost module in Novell eDirectory 8.8 SP5 for Windows allows remote authenticated users to cause a denial of service (dhost.exe crash) and possibly execute arbitrary code via a long string to /dhost/modules?I:."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "37009",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/37009"
},
{
"name": "20091112 Novell eDirectory 8.8 SP5 Denial of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/507812/100/0/threaded"
},
{
"name": "edirectory-modulesi-bo(54264)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54264"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4653",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the dhost module in Novell eDirectory 8.8 SP5 for Windows allows remote authenticated users to cause a denial of service (dhost.exe crash) and possibly execute arbitrary code via a long string to /dhost/modules?I:."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "37009",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37009"
},
{
"name": "20091112 Novell eDirectory 8.8 SP5 Denial of Service",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/507812/100/0/threaded"
},
{
"name": "edirectory-modulesi-bo(54264)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54264"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-4653",
"datePublished": "2010-02-26T18:09:00",
"dateReserved": "2010-02-26T00:00:00",
"dateUpdated": "2024-08-07T07:08:38.095Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-3862 (GCVE-0-2009-3862)
Vulnerability from cvelistv5
Published
2009-11-04 18:00
Modified
2024-08-07 06:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The NDSD process in Novell eDirectory 8.7.3 before 8.7.3.10 ftf2 and eDirectory 8.8 before 8.8.5 ftf1 does not properly handle certain LDAP search requests, which allows remote attackers to cause a denial of service (application hang) via a search request with a NULL BaseDN value.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:45:51.084Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=7004721"
},
{
"name": "ADV-2009-3120",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/3120"
},
{
"name": "36902",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/36902"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-09-075/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-10-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The NDSD process in Novell eDirectory 8.7.3 before 8.7.3.10 ftf2 and eDirectory 8.8 before 8.8.5 ftf1 does not properly handle certain LDAP search requests, which allows remote attackers to cause a denial of service (application hang) via a search request with a NULL BaseDN value."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-03T16:23:55",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=7004721"
},
{
"name": "ADV-2009-3120",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/3120"
},
{
"name": "36902",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/36902"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-09-075/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3862",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The NDSD process in Novell eDirectory 8.7.3 before 8.7.3.10 ftf2 and eDirectory 8.8 before 8.8.5 ftf1 does not properly handle certain LDAP search requests, which allows remote attackers to cause a denial of service (application hang) via a search request with a NULL BaseDN value."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.novell.com/support/viewContent.do?externalId=7004721",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/viewContent.do?externalId=7004721"
},
{
"name": "ADV-2009-3120",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3120"
},
{
"name": "36902",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36902"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-09-075/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-09-075/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-3862",
"datePublished": "2009-11-04T18:00:00",
"dateReserved": "2009-11-04T00:00:00",
"dateUpdated": "2024-08-07T06:45:51.084Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-3159 (GCVE-0-2008-3159)
Vulnerability from cvelistv5
Published
2008-07-14 18:00
Modified
2024-08-07 09:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in ds.dlm, as used by dhost.exe, in Novell eDirectory 8.7.3.10 before 8.7.3 SP10b and 8.8 before 8.8.2 ftf2 allows remote attackers to execute arbitrary code via unspecified vectors that trigger a stack-based buffer overflow, related to "flawed arithmetic."
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:28:41.602Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1020431",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1020431"
},
{
"name": "30085",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30085"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/support/search.do?cmd=displayKC\u0026sliceId=SAL_Public\u0026externalId=3694858"
},
{
"name": "novell-edirectory-dsdlm-bo(43589)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43589"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-041/"
},
{
"name": "ADV-2008-1999",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1999"
},
{
"name": "30938",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30938"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-07-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in ds.dlm, as used by dhost.exe, in Novell eDirectory 8.7.3.10 before 8.7.3 SP10b and 8.8 before 8.8.2 ftf2 allows remote attackers to execute arbitrary code via unspecified vectors that trigger a stack-based buffer overflow, related to \"flawed arithmetic.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1020431",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1020431"
},
{
"name": "30085",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30085"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/support/search.do?cmd=displayKC\u0026sliceId=SAL_Public\u0026externalId=3694858"
},
{
"name": "novell-edirectory-dsdlm-bo(43589)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43589"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-041/"
},
{
"name": "ADV-2008-1999",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1999"
},
{
"name": "30938",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30938"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3159",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in ds.dlm, as used by dhost.exe, in Novell eDirectory 8.7.3.10 before 8.7.3 SP10b and 8.8 before 8.8.2 ftf2 allows remote attackers to execute arbitrary code via unspecified vectors that trigger a stack-based buffer overflow, related to \"flawed arithmetic.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1020431",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1020431"
},
{
"name": "30085",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30085"
},
{
"name": "http://www.novell.com/support/search.do?cmd=displayKC\u0026sliceId=SAL_Public\u0026externalId=3694858",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/search.do?cmd=displayKC\u0026sliceId=SAL_Public\u0026externalId=3694858"
},
{
"name": "novell-edirectory-dsdlm-bo(43589)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43589"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-08-041/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-041/"
},
{
"name": "ADV-2008-1999",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1999"
},
{
"name": "30938",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30938"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3159",
"datePublished": "2008-07-14T18:00:00",
"dateReserved": "2008-07-14T00:00:00",
"dateUpdated": "2024-08-07T09:28:41.602Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-2551 (GCVE-0-2005-2551)
Vulnerability from cvelistv5
Published
2005-08-12 04:00
Modified
2024-08-07 22:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in dhost.exe in iMonitor for Novell eDirectory 8.7.3 on Windows allows attackers to cause a denial of service (crash) and obtain access to files via unknown vectors.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:30:01.053Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "16393",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/16393"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2972038.htm"
},
{
"name": "1014661",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1014661"
},
{
"name": "14548",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/14548"
},
{
"name": "VU#213165",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/213165"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10098568.htm"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-08-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in dhost.exe in iMonitor for Novell eDirectory 8.7.3 on Windows allows attackers to cause a denial of service (crash) and obtain access to files via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-30T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "16393",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/16393"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2972038.htm"
},
{
"name": "1014661",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1014661"
},
{
"name": "14548",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/14548"
},
{
"name": "VU#213165",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/213165"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10098568.htm"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2551",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in dhost.exe in iMonitor for Novell eDirectory 8.7.3 on Windows allows attackers to cause a denial of service (crash) and obtain access to files via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "16393",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16393"
},
{
"name": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2972038.htm",
"refsource": "CONFIRM",
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2972038.htm"
},
{
"name": "1014661",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1014661"
},
{
"name": "14548",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14548"
},
{
"name": "VU#213165",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/213165"
},
{
"name": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10098568.htm",
"refsource": "CONFIRM",
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10098568.htm"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-2551",
"datePublished": "2005-08-12T04:00:00",
"dateReserved": "2005-08-12T00:00:00",
"dateUpdated": "2024-08-07T22:30:01.053Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-5091 (GCVE-0-2008-5091)
Vulnerability from cvelistv5
Published
2008-11-14 19:00
Modified
2024-08-07 10:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in the LDAP Service in Novell eDirectory 8.7.3 before SP10a and 8.8 before SP3 allows attackers to cause a denial of service (application crash) via vectors involving an "invalid extensibleMatch filter."
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:40:17.172Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "30947",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30947"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"name": "1020788",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020788"
},
{
"name": "novell-edirectory-extensiblematch-dos(43590)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43590"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/documentation/edir873/sp10_readme/netware/readme.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3477912"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=373853"
},
{
"name": "ADV-2008-2462",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2462"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-08-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the LDAP Service in Novell eDirectory 8.7.3 before SP10a and 8.8 before SP3 allows attackers to cause a denial of service (application crash) via vectors involving an \"invalid extensibleMatch filter.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "30947",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30947"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"name": "1020788",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020788"
},
{
"name": "novell-edirectory-extensiblematch-dos(43590)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43590"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/documentation/edir873/sp10_readme/netware/readme.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3477912"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=373853"
},
{
"name": "ADV-2008-2462",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2462"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-5091",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the LDAP Service in Novell eDirectory 8.7.3 before SP10a and 8.8 before SP3 allows attackers to cause a denial of service (application crash) via vectors involving an \"invalid extensibleMatch filter.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "30947",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30947"
},
{
"name": "http://www.novell.com/support/viewContent.do?externalId=3426981",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"name": "1020788",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020788"
},
{
"name": "novell-edirectory-extensiblematch-dos(43590)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43590"
},
{
"name": "http://www.novell.com/documentation/edir873/sp10_readme/netware/readme.txt",
"refsource": "CONFIRM",
"url": "http://www.novell.com/documentation/edir873/sp10_readme/netware/readme.txt"
},
{
"name": "http://www.novell.com/support/viewContent.do?externalId=3477912",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/viewContent.do?externalId=3477912"
},
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=373853",
"refsource": "MISC",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=373853"
},
{
"name": "ADV-2008-2462",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2462"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-5091",
"datePublished": "2008-11-14T19:00:00",
"dateReserved": "2008-11-14T00:00:00",
"dateUpdated": "2024-08-07T10:40:17.172Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-5038 (GCVE-0-2008-5038)
Vulnerability from cvelistv5
Published
2008-11-12 20:18
Modified
2024-08-07 10:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in the NetWare Core Protocol (NCP) feature in Novell eDirectory 8.7.3 SP10 before 8.7.3 SP10 FTF1 and 8.8 SP2 for Windows allows remote attackers to cause a denial of service and possibly execute arbitrary code via a sequence of "Get NCP Extension Information By Name" requests that cause one thread to operate on memory after it has been freed in another thread, which triggers memory corruption, aka Novell Bug 373852.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:40:17.403Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"name": "20081030 Novell eDirectory NCP Get Extension Information Request Memory Corruption Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=748"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037181.html"
},
{
"name": "32395",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32395"
},
{
"name": "31956",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31956"
},
{
"name": "48206",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/48206"
},
{
"name": "1021117",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021117"
},
{
"name": "novell-edirectory-ncp-unspecified(46138)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46138"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037180.html"
},
{
"name": "ADV-2008-2937",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2937"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-10-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in the NetWare Core Protocol (NCP) feature in Novell eDirectory 8.7.3 SP10 before 8.7.3 SP10 FTF1 and 8.8 SP2 for Windows allows remote attackers to cause a denial of service and possibly execute arbitrary code via a sequence of \"Get NCP Extension Information By Name\" requests that cause one thread to operate on memory after it has been freed in another thread, which triggers memory corruption, aka Novell Bug 373852."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"name": "20081030 Novell eDirectory NCP Get Extension Information Request Memory Corruption Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=748"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037181.html"
},
{
"name": "32395",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32395"
},
{
"name": "31956",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31956"
},
{
"name": "48206",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/48206"
},
{
"name": "1021117",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021117"
},
{
"name": "novell-edirectory-ncp-unspecified(46138)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46138"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037180.html"
},
{
"name": "ADV-2008-2937",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2937"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-5038",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in the NetWare Core Protocol (NCP) feature in Novell eDirectory 8.7.3 SP10 before 8.7.3 SP10 FTF1 and 8.8 SP2 for Windows allows remote attackers to cause a denial of service and possibly execute arbitrary code via a sequence of \"Get NCP Extension Information By Name\" requests that cause one thread to operate on memory after it has been freed in another thread, which triggers memory corruption, aka Novell Bug 373852."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.novell.com/support/viewContent.do?externalId=3426981",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"name": "20081030 Novell eDirectory NCP Get Extension Information Request Memory Corruption Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=748"
},
{
"name": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037181.html",
"refsource": "CONFIRM",
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037181.html"
},
{
"name": "32395",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32395"
},
{
"name": "31956",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31956"
},
{
"name": "48206",
"refsource": "OSVDB",
"url": "http://osvdb.org/48206"
},
{
"name": "1021117",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021117"
},
{
"name": "novell-edirectory-ncp-unspecified(46138)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46138"
},
{
"name": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037180.html",
"refsource": "CONFIRM",
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037180.html"
},
{
"name": "ADV-2008-2937",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2937"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-5038",
"datePublished": "2008-11-12T20:18:00",
"dateReserved": "2008-11-12T00:00:00",
"dateUpdated": "2024-08-07T10:40:17.403Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-5186 (GCVE-0-2017-5186)
Vulnerability from cvelistv5
Published
2017-04-27 14:00
Modified
2024-08-05 14:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- deprecated hashing algorithm
Summary
Novell iManager 2.7 before SP7 Patch 9, NetIQ iManager 3.x before 3.0.2.1, Novell eDirectory 8.8.x before 8.8 SP8 Patch 9 Hotfix 2, and NetIQ eDirectory 9.x before 9.0.2 Hotfix 2 (9.0.2.2) use the deprecated MD5 hashing algorithm in a communications certificate.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | NetIQ/Novell iManager and eDirectory |
Version: NetIQ/Novell iManager and eDirectory |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:55:35.486Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.novell.com/support/kb/doc.php?id=7016794"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.novell.com/support/kb/doc.php?id=3426981"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.novell.com/support/kb/doc.php?id=7016795"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1019789"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=988749"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.novell.com/support/kb/doc.php?id=7010166"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1019041"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NetIQ/Novell iManager and eDirectory",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "NetIQ/Novell iManager and eDirectory"
}
]
}
],
"datePublic": "2017-04-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Novell iManager 2.7 before SP7 Patch 9, NetIQ iManager 3.x before 3.0.2.1, Novell eDirectory 8.8.x before 8.8 SP8 Patch 9 Hotfix 2, and NetIQ eDirectory 9.x before 9.0.2 Hotfix 2 (9.0.2.2) use the deprecated MD5 hashing algorithm in a communications certificate."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "deprecated hashing algorithm",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:59",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.novell.com/support/kb/doc.php?id=7016794"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.novell.com/support/kb/doc.php?id=3426981"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.novell.com/support/kb/doc.php?id=7016795"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1019789"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=988749"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.novell.com/support/kb/doc.php?id=7010166"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1019041"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2017-5186",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NetIQ/Novell iManager and eDirectory",
"version": {
"version_data": [
{
"version_value": "NetIQ/Novell iManager and eDirectory"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Novell iManager 2.7 before SP7 Patch 9, NetIQ iManager 3.x before 3.0.2.1, Novell eDirectory 8.8.x before 8.8 SP8 Patch 9 Hotfix 2, and NetIQ eDirectory 9.x before 9.0.2 Hotfix 2 (9.0.2.2) use the deprecated MD5 hashing algorithm in a communications certificate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "deprecated hashing algorithm"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.novell.com/support/kb/doc.php?id=7016794",
"refsource": "CONFIRM",
"url": "https://www.novell.com/support/kb/doc.php?id=7016794"
},
{
"name": "https://www.novell.com/support/kb/doc.php?id=3426981",
"refsource": "CONFIRM",
"url": "https://www.novell.com/support/kb/doc.php?id=3426981"
},
{
"name": "https://www.novell.com/support/kb/doc.php?id=7016795",
"refsource": "CONFIRM",
"url": "https://www.novell.com/support/kb/doc.php?id=7016795"
},
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=1019789",
"refsource": "CONFIRM",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1019789"
},
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=988749",
"refsource": "CONFIRM",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=988749"
},
{
"name": "https://www.novell.com/support/kb/doc.php?id=7010166",
"refsource": "CONFIRM",
"url": "https://www.novell.com/support/kb/doc.php?id=7010166"
},
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=1019041",
"refsource": "CONFIRM",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=1019041"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2017-5186",
"datePublished": "2017-04-27T14:00:00",
"dateReserved": "2017-01-06T00:00:00",
"dateUpdated": "2024-08-05T14:55:35.486Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4177 (GCVE-0-2006-4177)
Vulnerability from cvelistv5
Published
2006-10-24 20:00
Modified
2024-08-07 18:57
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Heap-based buffer overflow in the NCP engine in Novell eDirectory before 8.8.1 FTF1 allows remote attackers to execute arbitrary code via a crafted NCP over IP packet that causes NCP to read more data than intended.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:57:46.248Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20664",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20664"
},
{
"name": "22506",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22506"
},
{
"name": "1017104",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017104"
},
{
"name": "20061022 Novell eDirectory NCP over IP length Heap Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=426"
},
{
"name": "edirectory-ncp-bo(29768)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29768"
},
{
"name": "ADV-2006-4142",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4142"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974600.htm"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-10-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the NCP engine in Novell eDirectory before 8.8.1 FTF1 allows remote attackers to execute arbitrary code via a crafted NCP over IP packet that causes NCP to read more data than intended."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20664",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20664"
},
{
"name": "22506",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22506"
},
{
"name": "1017104",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017104"
},
{
"name": "20061022 Novell eDirectory NCP over IP length Heap Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=426"
},
{
"name": "edirectory-ncp-bo(29768)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29768"
},
{
"name": "ADV-2006-4142",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4142"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974600.htm"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4177",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the NCP engine in Novell eDirectory before 8.8.1 FTF1 allows remote attackers to execute arbitrary code via a crafted NCP over IP packet that causes NCP to read more data than intended."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20664",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20664"
},
{
"name": "22506",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22506"
},
{
"name": "1017104",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017104"
},
{
"name": "20061022 Novell eDirectory NCP over IP length Heap Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=426"
},
{
"name": "edirectory-ncp-bo(29768)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29768"
},
{
"name": "ADV-2006-4142",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4142"
},
{
"name": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974600.htm",
"refsource": "CONFIRM",
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974600.htm"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4177",
"datePublished": "2006-10-24T20:00:00",
"dateReserved": "2006-08-16T00:00:00",
"dateUpdated": "2024-08-07T18:57:46.248Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0895 (GCVE-0-2009-0895)
Vulnerability from cvelistv5
Published
2009-12-03 17:00
Modified
2024-08-07 04:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in Novell eDirectory 8.7.3.x before 8.7.3.10 ftf2 and 8.8.x before 8.8.5.2 allows remote attackers to execute arbitrary code via an NDS Verb 0x1 request containing a large integer value that triggers a heap-based buffer overflow.
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:48:52.690Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2009-3379",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/3379"
},
{
"name": "37184",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/37184"
},
{
"name": "application-control-request-overflow(50616)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50616"
},
{
"name": "20091124 Novell eDirectory Remote Code Execution",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://www.iss.net/threats/356.html"
},
{
"name": "37554",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37554"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=7004912"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=524344"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=545887"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-11-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in Novell eDirectory 8.7.3.x before 8.7.3.10 ftf2 and 8.8.x before 8.8.5.2 allows remote attackers to execute arbitrary code via an NDS Verb 0x1 request containing a large integer value that triggers a heap-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2009-3379",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/3379"
},
{
"name": "37184",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/37184"
},
{
"name": "application-control-request-overflow(50616)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50616"
},
{
"name": "20091124 Novell eDirectory Remote Code Execution",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://www.iss.net/threats/356.html"
},
{
"name": "37554",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37554"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=7004912"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=524344"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=545887"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0895",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in Novell eDirectory 8.7.3.x before 8.7.3.10 ftf2 and 8.8.x before 8.8.5.2 allows remote attackers to execute arbitrary code via an NDS Verb 0x1 request containing a large integer value that triggers a heap-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2009-3379",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3379"
},
{
"name": "37184",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37184"
},
{
"name": "application-control-request-overflow(50616)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50616"
},
{
"name": "20091124 Novell eDirectory Remote Code Execution",
"refsource": "ISS",
"url": "http://www.iss.net/threats/356.html"
},
{
"name": "37554",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37554"
},
{
"name": "http://www.novell.com/support/viewContent.do?externalId=7004912",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/viewContent.do?externalId=7004912"
},
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=524344",
"refsource": "MISC",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=524344"
},
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=545887",
"refsource": "MISC",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=545887"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0895",
"datePublished": "2009-12-03T17:00:00",
"dateReserved": "2009-03-14T00:00:00",
"dateUpdated": "2024-08-07T04:48:52.690Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4186 (GCVE-0-2006-4186)
Vulnerability from cvelistv5
Published
2006-08-17 00:00
Modified
2024-08-07 18:57
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The iManager in eMBoxClient.jar in Novell eDirectory 8.7.3.8 writes passwords in plaintext to a log file, which allows local users to obtain passwords by reading the file.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:57:46.409Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19499",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19499"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2973826.htm"
},
{
"name": "1016695",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016695"
},
{
"name": "21496",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21496"
},
{
"name": "28370",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/28370"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-08-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The iManager in eMBoxClient.jar in Novell eDirectory 8.7.3.8 writes passwords in plaintext to a log file, which allows local users to obtain passwords by reading the file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-09-07T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19499",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19499"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2973826.htm"
},
{
"name": "1016695",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016695"
},
{
"name": "21496",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21496"
},
{
"name": "28370",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/28370"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4186",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The iManager in eMBoxClient.jar in Novell eDirectory 8.7.3.8 writes passwords in plaintext to a log file, which allows local users to obtain passwords by reading the file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19499",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19499"
},
{
"name": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2973826.htm",
"refsource": "CONFIRM",
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2973826.htm"
},
{
"name": "1016695",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016695"
},
{
"name": "21496",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21496"
},
{
"name": "28370",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/28370"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4186",
"datePublished": "2006-08-17T00:00:00",
"dateReserved": "2006-08-16T00:00:00",
"dateUpdated": "2024-08-07T18:57:46.409Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0079 (GCVE-0-2004-0079)
Vulnerability from cvelistv5
Published
2004-03-18 05:00
Modified
2025-01-16 17:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:01:23.689Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "9899",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9899"
},
{
"name": "FEDORA-2005-1042",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html"
},
{
"name": "ESA-20040317-003",
"tags": [
"vendor-advisory",
"x_refsource_ENGARDE",
"x_transferred"
],
"url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html"
},
{
"name": "SSRT4717",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2"
},
{
"name": "RHSA-2004:121",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-121.html"
},
{
"name": "MDKSA-2004:023",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023"
},
{
"name": "oval:org.mitre.oval:def:2621",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2621"
},
{
"name": "CLA-2004:834",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834"
},
{
"name": "SCOSA-2004.10",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt"
},
{
"name": "17381",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17381"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm"
},
{
"name": "FEDORA-2004-095",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml"
},
{
"name": "oval:org.mitre.oval:def:9779",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9779"
},
{
"name": "oval:org.mitre.oval:def:975",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A975"
},
{
"name": "57524",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524"
},
{
"name": "SuSE-SA:2004:007",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.openssl.org/news/secadv_20040317.txt"
},
{
"name": "FreeBSD-SA-04:05",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc"
},
{
"name": "NetBSD-SA2004-005",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc"
},
{
"name": "O-101",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/o-101.shtml"
},
{
"name": "TA04-078A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html"
},
{
"name": "17401",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17401"
},
{
"name": "RHSA-2005:829",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-829.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm"
},
{
"name": "oval:org.mitre.oval:def:870",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A870"
},
{
"name": "RHSA-2005:830",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-830.html"
},
{
"name": "GLSA-200403-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200403-03.xml"
},
{
"name": "11139",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/11139"
},
{
"name": "RHSA-2004:120",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-120.html"
},
{
"name": "20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.lexmark.com/index?page=content\u0026id=TE88\u0026locale=EN\u0026userlocale=EN_US"
},
{
"name": "APPLE-SA-2005-08-15",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
},
{
"name": "17398",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17398"
},
{
"name": "SSA:2004-077",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961"
},
{
"name": "RHSA-2004:139",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-139.html"
},
{
"name": "openssl-dochangecipherspec-dos(15505)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15505"
},
{
"name": "2004-0012",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2004/0012"
},
{
"name": "20040317 Cisco OpenSSL Implementation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=61798"
},
{
"name": "VU#288574",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/288574"
},
{
"name": "DSA-465",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-465"
},
{
"name": "APPLE-SA-2005-08-17",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
},
{
"name": "18247",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18247"
},
{
"name": "oval:org.mitre.oval:def:5770",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5770"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2004-0079",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-08T16:21:54.985893Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-16T17:33:22.869Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-03-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "9899",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9899"
},
{
"name": "FEDORA-2005-1042",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html"
},
{
"name": "ESA-20040317-003",
"tags": [
"vendor-advisory",
"x_refsource_ENGARDE"
],
"url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html"
},
{
"name": "SSRT4717",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2"
},
{
"name": "RHSA-2004:121",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-121.html"
},
{
"name": "MDKSA-2004:023",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023"
},
{
"name": "oval:org.mitre.oval:def:2621",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2621"
},
{
"name": "CLA-2004:834",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834"
},
{
"name": "SCOSA-2004.10",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt"
},
{
"name": "17381",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17381"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm"
},
{
"name": "FEDORA-2004-095",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml"
},
{
"name": "oval:org.mitre.oval:def:9779",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9779"
},
{
"name": "oval:org.mitre.oval:def:975",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A975"
},
{
"name": "57524",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524"
},
{
"name": "SuSE-SA:2004:007",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.openssl.org/news/secadv_20040317.txt"
},
{
"name": "FreeBSD-SA-04:05",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc"
},
{
"name": "NetBSD-SA2004-005",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc"
},
{
"name": "O-101",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/o-101.shtml"
},
{
"name": "TA04-078A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html"
},
{
"name": "17401",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17401"
},
{
"name": "RHSA-2005:829",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-829.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm"
},
{
"name": "oval:org.mitre.oval:def:870",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A870"
},
{
"name": "RHSA-2005:830",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-830.html"
},
{
"name": "GLSA-200403-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200403-03.xml"
},
{
"name": "11139",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/11139"
},
{
"name": "RHSA-2004:120",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-120.html"
},
{
"name": "20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.lexmark.com/index?page=content\u0026id=TE88\u0026locale=EN\u0026userlocale=EN_US"
},
{
"name": "APPLE-SA-2005-08-15",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
},
{
"name": "17398",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17398"
},
{
"name": "SSA:2004-077",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961"
},
{
"name": "RHSA-2004:139",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-139.html"
},
{
"name": "openssl-dochangecipherspec-dos(15505)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15505"
},
{
"name": "2004-0012",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2004/0012"
},
{
"name": "20040317 Cisco OpenSSL Implementation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.info.apple.com/article.html?artnum=61798"
},
{
"name": "VU#288574",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/288574"
},
{
"name": "DSA-465",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-465"
},
{
"name": "APPLE-SA-2005-08-17",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
},
{
"name": "18247",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18247"
},
{
"name": "oval:org.mitre.oval:def:5770",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5770"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0079",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "9899",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9899"
},
{
"name": "FEDORA-2005-1042",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html"
},
{
"name": "ESA-20040317-003",
"refsource": "ENGARDE",
"url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html"
},
{
"name": "SSRT4717",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2"
},
{
"name": "RHSA-2004:121",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-121.html"
},
{
"name": "MDKSA-2004:023",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023"
},
{
"name": "oval:org.mitre.oval:def:2621",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2621"
},
{
"name": "CLA-2004:834",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834"
},
{
"name": "SCOSA-2004.10",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt"
},
{
"name": "17381",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17381"
},
{
"name": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm",
"refsource": "MISC",
"url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm"
},
{
"name": "FEDORA-2004-095",
"refsource": "FEDORA",
"url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml"
},
{
"name": "oval:org.mitre.oval:def:9779",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9779"
},
{
"name": "oval:org.mitre.oval:def:975",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A975"
},
{
"name": "57524",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524"
},
{
"name": "SuSE-SA:2004:007",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html"
},
{
"name": "http://lists.apple.com/mhonarc/security-announce/msg00045.html",
"refsource": "CONFIRM",
"url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html"
},
{
"name": "http://www.openssl.org/news/secadv_20040317.txt",
"refsource": "CONFIRM",
"url": "http://www.openssl.org/news/secadv_20040317.txt"
},
{
"name": "FreeBSD-SA-04:05",
"refsource": "FREEBSD",
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc"
},
{
"name": "NetBSD-SA2004-005",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc"
},
{
"name": "O-101",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/o-101.shtml"
},
{
"name": "TA04-078A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html"
},
{
"name": "17401",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17401"
},
{
"name": "RHSA-2005:829",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-829.html"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm"
},
{
"name": "oval:org.mitre.oval:def:870",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A870"
},
{
"name": "RHSA-2005:830",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-830.html"
},
{
"name": "GLSA-200403-03",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200403-03.xml"
},
{
"name": "11139",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11139"
},
{
"name": "RHSA-2004:120",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-120.html"
},
{
"name": "20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2"
},
{
"name": "http://support.lexmark.com/index?page=content\u0026id=TE88\u0026locale=EN\u0026userlocale=EN_US",
"refsource": "CONFIRM",
"url": "http://support.lexmark.com/index?page=content\u0026id=TE88\u0026locale=EN\u0026userlocale=EN_US"
},
{
"name": "APPLE-SA-2005-08-15",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
},
{
"name": "17398",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17398"
},
{
"name": "SSA:2004-077",
"refsource": "SLACKWARE",
"url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961"
},
{
"name": "RHSA-2004:139",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-139.html"
},
{
"name": "openssl-dochangecipherspec-dos(15505)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15505"
},
{
"name": "2004-0012",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2004/0012"
},
{
"name": "20040317 Cisco OpenSSL Implementation Vulnerability",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=61798",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=61798"
},
{
"name": "VU#288574",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/288574"
},
{
"name": "DSA-465",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-465"
},
{
"name": "APPLE-SA-2005-08-17",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
},
{
"name": "18247",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18247"
},
{
"name": "oval:org.mitre.oval:def:5770",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5770"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0079",
"datePublished": "2004-03-18T05:00:00",
"dateReserved": "2004-01-19T00:00:00",
"dateUpdated": "2025-01-16T17:33:22.869Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1777 (GCVE-0-2008-1777)
Vulnerability from cvelistv5
Published
2008-04-14 16:00
Modified
2024-08-07 08:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The eDirectory Host Environment service (dhost.exe) in Novell eDirectory 8.8.2 allows remote attackers to cause a denial of service (CPU consumption) via a long HTTP HEAD request to TCP port 8028.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:32:01.289Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "28572",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28572"
},
{
"name": "ADV-2008-1075",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1075"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.offensive-security.com/0day/novel-edir.py.txt"
},
{
"name": "1019783",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019783"
},
{
"name": "29639",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29639"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-04-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The eDirectory Host Environment service (dhost.exe) in Novell eDirectory 8.8.2 allows remote attackers to cause a denial of service (CPU consumption) via a long HTTP HEAD request to TCP port 8028."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-04-22T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "28572",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28572"
},
{
"name": "ADV-2008-1075",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1075"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.offensive-security.com/0day/novel-edir.py.txt"
},
{
"name": "1019783",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019783"
},
{
"name": "29639",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29639"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1777",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The eDirectory Host Environment service (dhost.exe) in Novell eDirectory 8.8.2 allows remote attackers to cause a denial of service (CPU consumption) via a long HTTP HEAD request to TCP port 8028."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "28572",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28572"
},
{
"name": "ADV-2008-1075",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1075"
},
{
"name": "http://www.offensive-security.com/0day/novel-edir.py.txt",
"refsource": "MISC",
"url": "http://www.offensive-security.com/0day/novel-edir.py.txt"
},
{
"name": "1019783",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019783"
},
{
"name": "29639",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29639"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1777",
"datePublished": "2008-04-14T16:00:00",
"dateReserved": "2008-04-14T00:00:00",
"dateUpdated": "2024-08-07T08:32:01.289Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-9277 (GCVE-0-2017-9277)
Vulnerability from cvelistv5
Published
2018-03-02 20:00
Modified
2024-09-17 00:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- inconsistent enabling of security feature
Summary
The LDAP backend in Novell eDirectory before 9.0 SP4 when switched to EBA (Enhanced Background Authentication) kept open connections without EBA.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Novell | eDirectory |
Version: unspecified < 9.0 SP4 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:02:43.486Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.novell.com/support/kb/doc.php?id=7016794"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.netiq.com/documentation/edirectory-9/edirectory904_releasenotes/data/edirectory904_releasenotes.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1005473"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "eDirectory",
"vendor": "Novell",
"versions": [
{
"lessThan": "9.0 SP4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2017-10-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The LDAP backend in Novell eDirectory before 9.0 SP4 when switched to EBA (Enhanced Background Authentication) kept open connections without EBA."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "inconsistent enabling of security feature",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:32",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.novell.com/support/kb/doc.php?id=7016794"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.netiq.com/documentation/edirectory-9/edirectory904_releasenotes/data/edirectory904_releasenotes.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1005473"
}
],
"source": {
"advisory": "7016794",
"defect": [
"1005473"
],
"discovery": "INTERNAL"
},
"title": "existing connection is being used even though eDirectory LDAP server is upgraded to EBA",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"DATE_PUBLIC": "2017-10-02T00:00:00.000Z",
"ID": "CVE-2017-9277",
"STATE": "PUBLIC",
"TITLE": "existing connection is being used even though eDirectory LDAP server is upgraded to EBA"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "eDirectory",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "9.0 SP4"
}
]
}
}
]
},
"vendor_name": "Novell"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The LDAP backend in Novell eDirectory before 9.0 SP4 when switched to EBA (Enhanced Background Authentication) kept open connections without EBA."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "inconsistent enabling of security feature"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.novell.com/support/kb/doc.php?id=7016794",
"refsource": "CONFIRM",
"url": "https://www.novell.com/support/kb/doc.php?id=7016794"
},
{
"name": "https://www.netiq.com/documentation/edirectory-9/edirectory904_releasenotes/data/edirectory904_releasenotes.html",
"refsource": "CONFIRM",
"url": "https://www.netiq.com/documentation/edirectory-9/edirectory904_releasenotes/data/edirectory904_releasenotes.html"
},
{
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1005473",
"refsource": "CONFIRM",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1005473"
}
]
},
"source": {
"advisory": "7016794",
"defect": [
"1005473"
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2017-9277",
"datePublished": "2018-03-02T20:00:00Z",
"dateReserved": "2017-05-29T00:00:00",
"dateUpdated": "2024-09-17T00:06:48.365Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5813 (GCVE-0-2006-5813)
Vulnerability from cvelistv5
Published
2006-11-08 23:00
Modified
2024-08-07 20:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Novell eDirectory 8.8 allows attackers to cause a denial of service, as demonstrated by vd_novell3.pm, a "Novell eDirectory 8.8 DoS." NOTE: As of 20061108, this disclosure has no actionable information. However, since it is from a reliable researcher, it is being assigned a CVE identifier for tracking purposes.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:04:55.740Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://gleg.net/vulndisco_meta.shtml"
},
{
"name": "1017169",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017169"
},
{
"name": "novell-edirectory-dos(30149)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30149"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-11-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Novell eDirectory 8.8 allows attackers to cause a denial of service, as demonstrated by vd_novell3.pm, a \"Novell eDirectory 8.8 DoS.\" NOTE: As of 20061108, this disclosure has no actionable information. However, since it is from a reliable researcher, it is being assigned a CVE identifier for tracking purposes."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://gleg.net/vulndisco_meta.shtml"
},
{
"name": "1017169",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017169"
},
{
"name": "novell-edirectory-dos(30149)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30149"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5813",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Novell eDirectory 8.8 allows attackers to cause a denial of service, as demonstrated by vd_novell3.pm, a \"Novell eDirectory 8.8 DoS.\" NOTE: As of 20061108, this disclosure has no actionable information. However, since it is from a reliable researcher, it is being assigned a CVE identifier for tracking purposes."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://gleg.net/vulndisco_meta.shtml",
"refsource": "MISC",
"url": "http://gleg.net/vulndisco_meta.shtml"
},
{
"name": "1017169",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017169"
},
{
"name": "novell-edirectory-dos(30149)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30149"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5813",
"datePublished": "2006-11-08T23:00:00",
"dateReserved": "2006-11-08T00:00:00",
"dateUpdated": "2024-08-07T20:04:55.740Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4509 (GCVE-0-2006-4509)
Vulnerability from cvelistv5
Published
2006-10-24 19:00
Modified
2024-08-07 19:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in the evtFilteredMonitorEventsRequest function in the LDAP service in Novell eDirectory before 8.8.1 FTF1 allows remote attackers to execute arbitrary code via a crafted request.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:14:47.022Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20061022 Novell eDirectory evtFilteredMonitorEventsRequest Heap Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=427"
},
{
"name": "20663",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20663"
},
{
"name": "edirectory-monitoreventsrequest-bo(29764)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29764"
},
{
"name": "22506",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22506"
},
{
"name": "1017104",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017104"
},
{
"name": "ADV-2006-4142",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4142"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-10-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the evtFilteredMonitorEventsRequest function in the LDAP service in Novell eDirectory before 8.8.1 FTF1 allows remote attackers to execute arbitrary code via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20061022 Novell eDirectory evtFilteredMonitorEventsRequest Heap Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=427"
},
{
"name": "20663",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20663"
},
{
"name": "edirectory-monitoreventsrequest-bo(29764)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29764"
},
{
"name": "22506",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22506"
},
{
"name": "1017104",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017104"
},
{
"name": "ADV-2006-4142",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4142"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4509",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the evtFilteredMonitorEventsRequest function in the LDAP service in Novell eDirectory before 8.8.1 FTF1 allows remote attackers to execute arbitrary code via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20061022 Novell eDirectory evtFilteredMonitorEventsRequest Heap Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=427"
},
{
"name": "20663",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20663"
},
{
"name": "edirectory-monitoreventsrequest-bo(29764)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29764"
},
{
"name": "22506",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22506"
},
{
"name": "1017104",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017104"
},
{
"name": "ADV-2006-4142",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4142"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4509",
"datePublished": "2006-10-24T19:00:00",
"dateReserved": "2006-08-31T00:00:00",
"dateUpdated": "2024-08-07T19:14:47.022Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-5213 (GCVE-0-2014-5213)
Vulnerability from cvelistv5
Published
2014-12-19 18:00
Modified
2024-08-06 11:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
nds/files/opt/novell/eDirectory/lib64/ndsimon/public/images in iMonitor in Novell eDirectory before 8.8 SP8 Patch 4 allows remote authenticated users to obtain sensitive information from process memory via a direct request.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:41:47.577Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20141219 SEC Consult SA-20141219-0 :: XSS \u0026 Memory Disclosure vulnerabilities in NetIQ eDirectory NDS iMonitor",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/534284"
},
{
"name": "1031408",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031408"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20141219-0_NetIQ_eDirectory_iMonitor_XSS_Memory_Disclosure_v10.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.novell.com/support/kb/doc.php?id=3426981"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=904135"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-12-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "nds/files/opt/novell/eDirectory/lib64/ndsimon/public/images in iMonitor in Novell eDirectory before 8.8 SP8 Patch 4 allows remote authenticated users to obtain sensitive information from process memory via a direct request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-01-20T16:57:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20141219 SEC Consult SA-20141219-0 :: XSS \u0026 Memory Disclosure vulnerabilities in NetIQ eDirectory NDS iMonitor",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/534284"
},
{
"name": "1031408",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031408"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20141219-0_NetIQ_eDirectory_iMonitor_XSS_Memory_Disclosure_v10.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.novell.com/support/kb/doc.php?id=3426981"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=904135"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-5213",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "nds/files/opt/novell/eDirectory/lib64/ndsimon/public/images in iMonitor in Novell eDirectory before 8.8 SP8 Patch 4 allows remote authenticated users to obtain sensitive information from process memory via a direct request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20141219 SEC Consult SA-20141219-0 :: XSS \u0026 Memory Disclosure vulnerabilities in NetIQ eDirectory NDS iMonitor",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/534284"
},
{
"name": "1031408",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031408"
},
{
"name": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20141219-0_NetIQ_eDirectory_iMonitor_XSS_Memory_Disclosure_v10.txt",
"refsource": "MISC",
"url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20141219-0_NetIQ_eDirectory_iMonitor_XSS_Memory_Disclosure_v10.txt"
},
{
"name": "https://www.novell.com/support/kb/doc.php?id=3426981",
"refsource": "CONFIRM",
"url": "https://www.novell.com/support/kb/doc.php?id=3426981"
},
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=904135",
"refsource": "CONFIRM",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=904135"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-5213",
"datePublished": "2014-12-19T18:00:00",
"dateReserved": "2014-08-13T00:00:00",
"dateUpdated": "2024-08-06T11:41:47.577Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-0924 (GCVE-0-2008-0924)
Vulnerability from cvelistv5
Published
2008-03-28 18:00
Modified
2024-08-07 08:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Stack-based buffer overflow in the DoLBURPRequest function in libnldap in ndsd in Novell eDirectory 8.7.3.9 and earlier, and 8.8.1 and earlier in the 8.8.x series, allows remote attackers to cause a denial of service (daemon crash or CPU consumption) or execute arbitrary code via a long delRequest LDAP Extended Request message, probably involving a long Distinguished Name (DN) field.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:01:40.073Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1019692",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019692"
},
{
"name": "ADV-2008-0987",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0987/references"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-013/"
},
{
"name": "29476",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29476"
},
{
"name": "28434",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28434"
},
{
"name": "20080326 ZDI-08-013: Novell eDirectory for Linux Stack Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/490117/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://secure-support.novell.com/KanisaPlatform/Publishing/411/3382120_f.SAL_Public.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the DoLBURPRequest function in libnldap in ndsd in Novell eDirectory 8.7.3.9 and earlier, and 8.8.1 and earlier in the 8.8.x series, allows remote attackers to cause a denial of service (daemon crash or CPU consumption) or execute arbitrary code via a long delRequest LDAP Extended Request message, probably involving a long Distinguished Name (DN) field."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1019692",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019692"
},
{
"name": "ADV-2008-0987",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0987/references"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-013/"
},
{
"name": "29476",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29476"
},
{
"name": "28434",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28434"
},
{
"name": "20080326 ZDI-08-013: Novell eDirectory for Linux Stack Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/490117/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://secure-support.novell.com/KanisaPlatform/Publishing/411/3382120_f.SAL_Public.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-0924",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the DoLBURPRequest function in libnldap in ndsd in Novell eDirectory 8.7.3.9 and earlier, and 8.8.1 and earlier in the 8.8.x series, allows remote attackers to cause a denial of service (daemon crash or CPU consumption) or execute arbitrary code via a long delRequest LDAP Extended Request message, probably involving a long Distinguished Name (DN) field."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1019692",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019692"
},
{
"name": "ADV-2008-0987",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0987/references"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-08-013/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-013/"
},
{
"name": "29476",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29476"
},
{
"name": "28434",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28434"
},
{
"name": "20080326 ZDI-08-013: Novell eDirectory for Linux Stack Overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/490117/100/0/threaded"
},
{
"name": "https://secure-support.novell.com/KanisaPlatform/Publishing/411/3382120_f.SAL_Public.html",
"refsource": "CONFIRM",
"url": "https://secure-support.novell.com/KanisaPlatform/Publishing/411/3382120_f.SAL_Public.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-0924",
"datePublished": "2008-03-28T18:00:00",
"dateReserved": "2008-02-25T00:00:00",
"dateUpdated": "2024-08-07T08:01:40.073Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4521 (GCVE-0-2006-4521)
Vulnerability from cvelistv5
Published
2006-11-04 00:00
Modified
2024-08-07 19:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The BerDecodeLoginDataRequest function in the libnmasldap.so NMAS module in Novell eDirectory 8.8 and 8.8.1 before the Security Services 2.0.3 patch does not properly increment a pointer when handling certain input, which allows remote attackers to cause a denial of service (invalid memory access) via a crafted login request.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:14:47.362Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "22660",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22660"
},
{
"name": "ADV-2006-4293",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4293"
},
{
"name": "20842",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20842"
},
{
"name": "novell-berdecodelogindatarequeset-dos(29963)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29963"
},
{
"name": "20061027 Novell eDirectory NMAS BerDecodeLoginDataRequeset DoS Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=437"
},
{
"name": "1017140",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017140"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-10-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The BerDecodeLoginDataRequest function in the libnmasldap.so NMAS module in Novell eDirectory 8.8 and 8.8.1 before the Security Services 2.0.3 patch does not properly increment a pointer when handling certain input, which allows remote attackers to cause a denial of service (invalid memory access) via a crafted login request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "22660",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22660"
},
{
"name": "ADV-2006-4293",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4293"
},
{
"name": "20842",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20842"
},
{
"name": "novell-berdecodelogindatarequeset-dos(29963)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29963"
},
{
"name": "20061027 Novell eDirectory NMAS BerDecodeLoginDataRequeset DoS Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=437"
},
{
"name": "1017140",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017140"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4521",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The BerDecodeLoginDataRequest function in the libnmasldap.so NMAS module in Novell eDirectory 8.8 and 8.8.1 before the Security Services 2.0.3 patch does not properly increment a pointer when handling certain input, which allows remote attackers to cause a denial of service (invalid memory access) via a crafted login request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "22660",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22660"
},
{
"name": "ADV-2006-4293",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4293"
},
{
"name": "20842",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20842"
},
{
"name": "novell-berdecodelogindatarequeset-dos(29963)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29963"
},
{
"name": "20061027 Novell eDirectory NMAS BerDecodeLoginDataRequeset DoS Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=437"
},
{
"name": "1017140",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017140"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4521",
"datePublished": "2006-11-04T00:00:00",
"dateReserved": "2006-08-31T00:00:00",
"dateUpdated": "2024-08-07T19:14:47.362Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4327 (GCVE-0-2010-4327)
Vulnerability from cvelistv5
Published
2011-02-10 17:00
Modified
2024-08-07 03:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in the NCP service in Novell eDirectory 8.8.5 before 8.8.5.6 and 8.8.6 before 8.8.6.2 allows remote attackers to cause a denial of service (hang) via a malformed FileSetLock request to port 524.
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:43:14.619Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=7007781\u0026sliceId=2"
},
{
"name": "ADV-2011-0305",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0305"
},
{
"name": "43186",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43186"
},
{
"name": "46263",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/46263"
},
{
"name": "8071",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/8071"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-novell"
},
{
"name": "20110207 ZDI-11-060: Novell eDirectory Malformed NCP Request Denial of Service Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/516279/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-060"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-02-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the NCP service in Novell eDirectory 8.8.5 before 8.8.5.6 and 8.8.6 before 8.8.6.2 allows remote attackers to cause a denial of service (hang) via a malformed FileSetLock request to port 524."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=7007781\u0026sliceId=2"
},
{
"name": "ADV-2011-0305",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0305"
},
{
"name": "43186",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43186"
},
{
"name": "46263",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/46263"
},
{
"name": "8071",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/8071"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-novell"
},
{
"name": "20110207 ZDI-11-060: Novell eDirectory Malformed NCP Request Denial of Service Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/516279/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-060"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4327",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the NCP service in Novell eDirectory 8.8.5 before 8.8.5.6 and 8.8.6 before 8.8.6.2 allows remote attackers to cause a denial of service (hang) via a malformed FileSetLock request to port 524."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.novell.com/support/viewContent.do?externalId=7007781\u0026sliceId=2",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/viewContent.do?externalId=7007781\u0026sliceId=2"
},
{
"name": "ADV-2011-0305",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0305"
},
{
"name": "43186",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43186"
},
{
"name": "46263",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46263"
},
{
"name": "8071",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8071"
},
{
"name": "http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-novell",
"refsource": "MISC",
"url": "http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-novell"
},
{
"name": "20110207 ZDI-11-060: Novell eDirectory Malformed NCP Request Denial of Service Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/516279/100/0/threaded"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-11-060",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-060"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-4327",
"datePublished": "2011-02-10T17:00:00",
"dateReserved": "2010-11-29T00:00:00",
"dateUpdated": "2024-08-07T03:43:14.619Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-9167 (GCVE-0-2016-9167)
Vulnerability from cvelistv5
Published
2017-03-23 06:36
Modified
2024-08-06 02:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- privilege escalation
Summary
NDSD in Novell eDirectory before 9.0.2 did not calculate ACLs on LDAP objects across partition boundaries correctly, which could lead to a privilege escalation by modifying user attributes that would otherwise be filtered by an ACL.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Novell eDirectory |
Version: Novell eDirectory |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:42:10.930Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.novell.com/support/kb/doc.php?id=7016794"
},
{
"name": "97315",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97315"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Novell eDirectory",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Novell eDirectory"
}
]
}
],
"datePublic": "2017-03-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "NDSD in Novell eDirectory before 9.0.2 did not calculate ACLs on LDAP objects across partition boundaries correctly, which could lead to a privilege escalation by modifying user attributes that would otherwise be filtered by an ACL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "privilege escalation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:52",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.novell.com/support/kb/doc.php?id=7016794"
},
{
"name": "97315",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97315"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2016-9167",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Novell eDirectory",
"version": {
"version_data": [
{
"version_value": "Novell eDirectory"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NDSD in Novell eDirectory before 9.0.2 did not calculate ACLs on LDAP objects across partition boundaries correctly, which could lead to a privilege escalation by modifying user attributes that would otherwise be filtered by an ACL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "privilege escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.novell.com/support/kb/doc.php?id=7016794",
"refsource": "CONFIRM",
"url": "https://www.novell.com/support/kb/doc.php?id=7016794"
},
{
"name": "97315",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97315"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2016-9167",
"datePublished": "2017-03-23T06:36:00",
"dateReserved": "2016-11-03T00:00:00",
"dateUpdated": "2024-08-06T02:42:10.930Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-2457 (GCVE-0-2009-2457)
Vulnerability from cvelistv5
Published
2009-07-14 20:16
Modified
2024-08-07 05:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The DS\NDSD component in Novell eDirectory 8.8 before SP5 allows remote attackers to cause a denial of service (crash) via a malformed bind LDAP packet.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:52:14.670Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "55849",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/55849"
},
{
"name": "34160",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34160"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"name": "edirectory-ldap-dos(51706)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51706"
},
{
"name": "35666",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/35666"
},
{
"name": "ADV-2009-1883",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1883"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-07-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The DS\\NDSD component in Novell eDirectory 8.8 before SP5 allows remote attackers to cause a denial of service (crash) via a malformed bind LDAP packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "55849",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/55849"
},
{
"name": "34160",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34160"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"name": "edirectory-ldap-dos(51706)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51706"
},
{
"name": "35666",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/35666"
},
{
"name": "ADV-2009-1883",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1883"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2457",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DS\\NDSD component in Novell eDirectory 8.8 before SP5 allows remote attackers to cause a denial of service (crash) via a malformed bind LDAP packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "55849",
"refsource": "OSVDB",
"url": "http://osvdb.org/55849"
},
{
"name": "34160",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34160"
},
{
"name": "http://www.novell.com/support/viewContent.do?externalId=3426981",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"name": "edirectory-ldap-dos(51706)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51706"
},
{
"name": "35666",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35666"
},
{
"name": "ADV-2009-1883",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1883"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-2457",
"datePublished": "2009-07-14T20:16:00",
"dateReserved": "2009-07-14T00:00:00",
"dateUpdated": "2024-08-07T05:52:14.670Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-0926 (GCVE-0-2008-0926)
Vulnerability from cvelistv5
Published
2008-03-28 18:00
Modified
2024-08-07 08:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The SOAP interface to the eMBox module in Novell eDirectory 8.7.3.9 and earlier, and 8.8.x before 8.8.2, relies on client-side authentication, which allows remote attackers to bypass authentication via requests for /SOAP URIs, and cause a denial of service (daemon shutdown) or read arbitrary files. NOTE: it was later reported that 8.7.3.10 (aka 8.7.3 SP10) is also affected.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:01:40.083Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "novell-edirectory-embox-unspecified(41426)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41426"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://secure-support.novell.com/KanisaPlatform/Publishing/876/3866911_f.SAL_Public.html"
},
{
"name": "20080505 Novell eDirectory unauthenticated access to SOAP interface",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/491621/100/0/threaded"
},
{
"name": "1019691",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019691"
},
{
"name": "28441",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28441"
},
{
"name": "29527",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29527"
},
{
"name": "ADV-2008-0988",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0988/references"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The SOAP interface to the eMBox module in Novell eDirectory 8.7.3.9 and earlier, and 8.8.x before 8.8.2, relies on client-side authentication, which allows remote attackers to bypass authentication via requests for /SOAP URIs, and cause a denial of service (daemon shutdown) or read arbitrary files. NOTE: it was later reported that 8.7.3.10 (aka 8.7.3 SP10) is also affected."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "novell-edirectory-embox-unspecified(41426)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41426"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://secure-support.novell.com/KanisaPlatform/Publishing/876/3866911_f.SAL_Public.html"
},
{
"name": "20080505 Novell eDirectory unauthenticated access to SOAP interface",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/491621/100/0/threaded"
},
{
"name": "1019691",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019691"
},
{
"name": "28441",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28441"
},
{
"name": "29527",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29527"
},
{
"name": "ADV-2008-0988",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0988/references"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-0926",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SOAP interface to the eMBox module in Novell eDirectory 8.7.3.9 and earlier, and 8.8.x before 8.8.2, relies on client-side authentication, which allows remote attackers to bypass authentication via requests for /SOAP URIs, and cause a denial of service (daemon shutdown) or read arbitrary files. NOTE: it was later reported that 8.7.3.10 (aka 8.7.3 SP10) is also affected."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "novell-edirectory-embox-unspecified(41426)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41426"
},
{
"name": "https://secure-support.novell.com/KanisaPlatform/Publishing/876/3866911_f.SAL_Public.html",
"refsource": "CONFIRM",
"url": "https://secure-support.novell.com/KanisaPlatform/Publishing/876/3866911_f.SAL_Public.html"
},
{
"name": "20080505 Novell eDirectory unauthenticated access to SOAP interface",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/491621/100/0/threaded"
},
{
"name": "1019691",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019691"
},
{
"name": "28441",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28441"
},
{
"name": "29527",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29527"
},
{
"name": "ADV-2008-0988",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0988/references"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-0926",
"datePublished": "2008-03-28T18:00:00",
"dateReserved": "2008-02-25T00:00:00",
"dateUpdated": "2024-08-07T08:01:40.083Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1809 (GCVE-0-2008-1809)
Vulnerability from cvelistv5
Published
2008-07-14 18:00
Modified
2024-08-07 08:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Heap-based buffer overflow in Novell eDirectory 8.7.3 before 8.7.3.10b, and 8.8 before 8.8.2 FTF2, allows remote attackers to execute arbitrary code via an LDAP search request containing "NULL search parameters."
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:32:01.368Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "30175",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30175"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3843876"
},
{
"name": "1020470",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020470"
},
{
"name": "ADV-2008-2062",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2062/references"
},
{
"name": "novell-edirectory-ldap-bo(43716)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43716"
},
{
"name": "20080709 Novell eDirectory LDAP Search Request Heap Corruption Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=724"
},
{
"name": "31036",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31036"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-07-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Novell eDirectory 8.7.3 before 8.7.3.10b, and 8.8 before 8.8.2 FTF2, allows remote attackers to execute arbitrary code via an LDAP search request containing \"NULL search parameters.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "30175",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30175"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3843876"
},
{
"name": "1020470",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020470"
},
{
"name": "ADV-2008-2062",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2062/references"
},
{
"name": "novell-edirectory-ldap-bo(43716)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43716"
},
{
"name": "20080709 Novell eDirectory LDAP Search Request Heap Corruption Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=724"
},
{
"name": "31036",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31036"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1809",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in Novell eDirectory 8.7.3 before 8.7.3.10b, and 8.8 before 8.8.2 FTF2, allows remote attackers to execute arbitrary code via an LDAP search request containing \"NULL search parameters.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "30175",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30175"
},
{
"name": "http://www.novell.com/support/viewContent.do?externalId=3843876",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/viewContent.do?externalId=3843876"
},
{
"name": "1020470",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020470"
},
{
"name": "ADV-2008-2062",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2062/references"
},
{
"name": "novell-edirectory-ldap-bo(43716)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43716"
},
{
"name": "20080709 Novell eDirectory LDAP Search Request Heap Corruption Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=724"
},
{
"name": "31036",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31036"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1809",
"datePublished": "2008-07-14T18:00:00",
"dateReserved": "2008-04-15T00:00:00",
"dateUpdated": "2024-08-07T08:32:01.368Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-9267 (GCVE-0-2017-9267)
Vulnerability from cvelistv5
Published
2018-03-02 20:00
Modified
2024-09-16 17:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
In Novell eDirectory before 9.0.3.1 the LDAP interface was not strictly enforcing cipher restrictions allowing weaker ciphers to be used during SSL BIND operations.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Novell | eDirectory |
Version: unspecified < 9.0.3.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:02:43.697Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.novell.com/support/kb/doc.php?id=7016794"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "eDirectory",
"vendor": "Novell",
"versions": [
{
"lessThan": "9.0.3.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2017-10-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In Novell eDirectory before 9.0.3.1 the LDAP interface was not strictly enforcing cipher restrictions allowing weaker ciphers to be used during SSL BIND operations."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-757",
"description": "CWE-757",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:26",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.novell.com/support/kb/doc.php?id=7016794"
}
],
"source": {
"advisory": "7016794",
"defect": [
"977754"
],
"discovery": "INTERNAL"
},
"title": "eDirectory LDAP peer certificate validation issue",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"DATE_PUBLIC": "2017-10-02T00:00:00.000Z",
"ID": "CVE-2017-9267",
"STATE": "PUBLIC",
"TITLE": "eDirectory LDAP peer certificate validation issue"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "eDirectory",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "9.0.3.1"
}
]
}
}
]
},
"vendor_name": "Novell"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Novell eDirectory before 9.0.3.1 the LDAP interface was not strictly enforcing cipher restrictions allowing weaker ciphers to be used during SSL BIND operations."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-757"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.novell.com/support/kb/doc.php?id=7016794",
"refsource": "CONFIRM",
"url": "https://www.novell.com/support/kb/doc.php?id=7016794"
}
]
},
"source": {
"advisory": "7016794",
"defect": [
"977754"
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2017-9267",
"datePublished": "2018-03-02T20:00:00Z",
"dateReserved": "2017-05-29T00:00:00",
"dateUpdated": "2024-09-16T17:52:55.859Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5478 (GCVE-0-2006-5478)
Vulnerability from cvelistv5
Published
2006-10-24 20:00
Modified
2024-08-07 19:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple stack-based buffer overflows in Novell eDirectory 8.8.x before 8.8.1 FTF1, and 8.x up to 8.7.3.8, and Novell NetMail before 3.52e FTF2, allow remote attackers to execute arbitrary code via (1) a long HTTP Host header, which triggers an overflow in the BuildRedirectURL function; or vectors related to a username containing a . (dot) character in the (2) SMTP, (3) POP, (4) IMAP, (5) HTTP, or (6) Networked Messaging Application Protocol (NMAP) Netmail services.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:55:52.658Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20061028 ZDI-06-035: Novell eDirectory NDS Server Host Header Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/050388.html"
},
{
"name": "20655",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20655"
},
{
"name": "20061026 ZDI-06-035: Novell eDirectory NDS Server Host Header Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/449899/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.mnin.org/advisories/2006_novell_httpstk.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-036.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-035.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://secure-support.novell.com/KanisaPlatform/Publishing/134/3096026_f.SAL_Public.html"
},
{
"name": "1017141",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017141"
},
{
"name": "1017125",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017125"
},
{
"name": "20061028 ZDI-06-035: Novell eDirectory NDS Server Host Header Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/050382.html"
},
{
"name": "20061103 ZDI-06-036: Novell Netmail User Authentication Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/450520/100/100/threaded"
},
{
"name": "20061028 Re: [Full-disclosure] ZDI-06-035: Novell eDirectory NDS Server Host Header Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/450017/100/0/threaded"
},
{
"name": "ADV-2006-4141",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4141"
},
{
"name": "20853",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20853"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974600.htm"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/support/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=3723994\u0026sliceId=SAL_Public\u0026dialogID=16776123\u0026stateId=1%200%202648401"
},
{
"name": "22519",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22519"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-09-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in Novell eDirectory 8.8.x before 8.8.1 FTF1, and 8.x up to 8.7.3.8, and Novell NetMail before 3.52e FTF2, allow remote attackers to execute arbitrary code via (1) a long HTTP Host header, which triggers an overflow in the BuildRedirectURL function; or vectors related to a username containing a . (dot) character in the (2) SMTP, (3) POP, (4) IMAP, (5) HTTP, or (6) Networked Messaging Application Protocol (NMAP) Netmail services."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20061028 ZDI-06-035: Novell eDirectory NDS Server Host Header Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/050388.html"
},
{
"name": "20655",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20655"
},
{
"name": "20061026 ZDI-06-035: Novell eDirectory NDS Server Host Header Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/449899/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.mnin.org/advisories/2006_novell_httpstk.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-036.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-035.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://secure-support.novell.com/KanisaPlatform/Publishing/134/3096026_f.SAL_Public.html"
},
{
"name": "1017141",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017141"
},
{
"name": "1017125",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017125"
},
{
"name": "20061028 ZDI-06-035: Novell eDirectory NDS Server Host Header Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/050382.html"
},
{
"name": "20061103 ZDI-06-036: Novell Netmail User Authentication Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/450520/100/100/threaded"
},
{
"name": "20061028 Re: [Full-disclosure] ZDI-06-035: Novell eDirectory NDS Server Host Header Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/450017/100/0/threaded"
},
{
"name": "ADV-2006-4141",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4141"
},
{
"name": "20853",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20853"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974600.htm"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/support/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=3723994\u0026sliceId=SAL_Public\u0026dialogID=16776123\u0026stateId=1%200%202648401"
},
{
"name": "22519",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22519"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5478",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in Novell eDirectory 8.8.x before 8.8.1 FTF1, and 8.x up to 8.7.3.8, and Novell NetMail before 3.52e FTF2, allow remote attackers to execute arbitrary code via (1) a long HTTP Host header, which triggers an overflow in the BuildRedirectURL function; or vectors related to a username containing a . (dot) character in the (2) SMTP, (3) POP, (4) IMAP, (5) HTTP, or (6) Networked Messaging Application Protocol (NMAP) Netmail services."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20061028 ZDI-06-035: Novell eDirectory NDS Server Host Header Buffer Overflow Vulnerability",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/050388.html"
},
{
"name": "20655",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20655"
},
{
"name": "20061026 ZDI-06-035: Novell eDirectory NDS Server Host Header Buffer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/449899/100/0/threaded"
},
{
"name": "http://www.mnin.org/advisories/2006_novell_httpstk.pdf",
"refsource": "MISC",
"url": "http://www.mnin.org/advisories/2006_novell_httpstk.pdf"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-06-036.html",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-036.html"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-06-035.html",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-035.html"
},
{
"name": "https://secure-support.novell.com/KanisaPlatform/Publishing/134/3096026_f.SAL_Public.html",
"refsource": "CONFIRM",
"url": "https://secure-support.novell.com/KanisaPlatform/Publishing/134/3096026_f.SAL_Public.html"
},
{
"name": "1017141",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017141"
},
{
"name": "1017125",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017125"
},
{
"name": "20061028 ZDI-06-035: Novell eDirectory NDS Server Host Header Buffer Overflow Vulnerability",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/050382.html"
},
{
"name": "20061103 ZDI-06-036: Novell Netmail User Authentication Buffer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/450520/100/100/threaded"
},
{
"name": "20061028 Re: [Full-disclosure] ZDI-06-035: Novell eDirectory NDS Server Host Header Buffer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/450017/100/0/threaded"
},
{
"name": "ADV-2006-4141",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4141"
},
{
"name": "20853",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20853"
},
{
"name": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974600.htm",
"refsource": "CONFIRM",
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974600.htm"
},
{
"name": "http://www.novell.com/support/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=3723994\u0026sliceId=SAL_Public\u0026dialogID=16776123\u0026stateId=1%200%202648401",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=3723994\u0026sliceId=SAL_Public\u0026dialogID=16776123\u0026stateId=1%200%202648401"
},
{
"name": "22519",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22519"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5478",
"datePublished": "2006-10-24T20:00:00",
"dateReserved": "2006-10-24T00:00:00",
"dateUpdated": "2024-08-07T19:55:52.658Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-2456 (GCVE-0-2009-2456)
Vulnerability from cvelistv5
Published
2009-07-14 20:16
Modified
2024-08-07 05:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The DS\NDSD component in Novell eDirectory 8.8 before SP5 allows remote attackers to cause a denial of service (ndsd core dump) via an LDAP request containing multiple . (dot) wildcard characters in the Relative Distinguished Name (RDN).
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:52:14.868Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "34160",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34160"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"name": "55848",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/55848"
},
{
"name": "edirectory-rdns-dos(51705)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51705"
},
{
"name": "35666",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/35666"
},
{
"name": "ADV-2009-1883",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1883"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-07-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The DS\\NDSD component in Novell eDirectory 8.8 before SP5 allows remote attackers to cause a denial of service (ndsd core dump) via an LDAP request containing multiple . (dot) wildcard characters in the Relative Distinguished Name (RDN)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "34160",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34160"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"name": "55848",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/55848"
},
{
"name": "edirectory-rdns-dos(51705)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51705"
},
{
"name": "35666",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/35666"
},
{
"name": "ADV-2009-1883",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1883"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2456",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DS\\NDSD component in Novell eDirectory 8.8 before SP5 allows remote attackers to cause a denial of service (ndsd core dump) via an LDAP request containing multiple . (dot) wildcard characters in the Relative Distinguished Name (RDN)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "34160",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34160"
},
{
"name": "http://www.novell.com/support/viewContent.do?externalId=3426981",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"name": "55848",
"refsource": "OSVDB",
"url": "http://osvdb.org/55848"
},
{
"name": "edirectory-rdns-dos(51705)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51705"
},
{
"name": "35666",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35666"
},
{
"name": "ADV-2009-1883",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1883"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-2456",
"datePublished": "2009-07-14T20:16:00",
"dateReserved": "2009-07-14T00:00:00",
"dateUpdated": "2024-08-07T05:52:14.868Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-4654 (GCVE-0-2009-4654)
Vulnerability from cvelistv5
Published
2010-02-26 18:09
Modified
2024-08-07 07:08
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Stack-based buffer overflow in the dhost module in Novell eDirectory 8.8 SP5 for Windows allows remote authenticated users to execute arbitrary code via long sadminpwd and verifypwd parameters in a submit action to /dhost/httpstk.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:08:37.981Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "37042",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/37042"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://tcc.hellcode.net/advisories/hellcode-adv005.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://downloads.securityfocus.com/vulnerabilities/exploits/37042-2.pl"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://tcc.hellcode.net/sploitz/httpstk.txt"
},
{
"name": "20091117 Hellcode Research: Novell eDirectory HTTPSTK Login Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/507926/100/0/threaded"
},
{
"name": "1023188",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023188"
},
{
"name": "edirectory-httpstk-bo(54308)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54308"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-11-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the dhost module in Novell eDirectory 8.8 SP5 for Windows allows remote authenticated users to execute arbitrary code via long sadminpwd and verifypwd parameters in a submit action to /dhost/httpstk."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "37042",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/37042"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://tcc.hellcode.net/advisories/hellcode-adv005.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://downloads.securityfocus.com/vulnerabilities/exploits/37042-2.pl"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://tcc.hellcode.net/sploitz/httpstk.txt"
},
{
"name": "20091117 Hellcode Research: Novell eDirectory HTTPSTK Login Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/507926/100/0/threaded"
},
{
"name": "1023188",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023188"
},
{
"name": "edirectory-httpstk-bo(54308)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54308"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4654",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the dhost module in Novell eDirectory 8.8 SP5 for Windows allows remote authenticated users to execute arbitrary code via long sadminpwd and verifypwd parameters in a submit action to /dhost/httpstk."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "37042",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37042"
},
{
"name": "http://tcc.hellcode.net/advisories/hellcode-adv005.txt",
"refsource": "MISC",
"url": "http://tcc.hellcode.net/advisories/hellcode-adv005.txt"
},
{
"name": "http://downloads.securityfocus.com/vulnerabilities/exploits/37042-2.pl",
"refsource": "MISC",
"url": "http://downloads.securityfocus.com/vulnerabilities/exploits/37042-2.pl"
},
{
"name": "http://tcc.hellcode.net/sploitz/httpstk.txt",
"refsource": "MISC",
"url": "http://tcc.hellcode.net/sploitz/httpstk.txt"
},
{
"name": "20091117 Hellcode Research: Novell eDirectory HTTPSTK Login Stack Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/507926/100/0/threaded"
},
{
"name": "1023188",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023188"
},
{
"name": "edirectory-httpstk-bo(54308)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54308"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-4654",
"datePublished": "2010-02-26T18:09:00",
"dateReserved": "2010-02-26T00:00:00",
"dateUpdated": "2024-08-07T07:08:37.981Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-4655 (GCVE-0-2009-4655)
Vulnerability from cvelistv5
Published
2010-02-26 18:09
Modified
2024-08-07 07:08
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The dhost web service in Novell eDirectory 8.8.5 uses a predictable session cookie, which makes it easier for remote attackers to hijack sessions via a modified cookie.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:08:38.207Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.metasploit.com/modules/auxiliary/admin/edirectory/edirectory_dhost_cookie"
},
{
"name": "60035",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/60035"
},
{
"name": "edirectory-dhost-session-hijacking(56613)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56613"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/admin/edirectory/edirectory_dhost_cookie.rb"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-11-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The dhost web service in Novell eDirectory 8.8.5 uses a predictable session cookie, which makes it easier for remote attackers to hijack sessions via a modified cookie."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.metasploit.com/modules/auxiliary/admin/edirectory/edirectory_dhost_cookie"
},
{
"name": "60035",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/60035"
},
{
"name": "edirectory-dhost-session-hijacking(56613)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56613"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/admin/edirectory/edirectory_dhost_cookie.rb"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4655",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The dhost web service in Novell eDirectory 8.8.5 uses a predictable session cookie, which makes it easier for remote attackers to hijack sessions via a modified cookie."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.metasploit.com/modules/auxiliary/admin/edirectory/edirectory_dhost_cookie",
"refsource": "MISC",
"url": "http://www.metasploit.com/modules/auxiliary/admin/edirectory/edirectory_dhost_cookie"
},
{
"name": "60035",
"refsource": "OSVDB",
"url": "http://osvdb.org/60035"
},
{
"name": "edirectory-dhost-session-hijacking(56613)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56613"
},
{
"name": "http://www.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/admin/edirectory/edirectory_dhost_cookie.rb",
"refsource": "MISC",
"url": "http://www.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/admin/edirectory/edirectory_dhost_cookie.rb"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-4655",
"datePublished": "2010-02-26T18:09:00",
"dateReserved": "2010-02-26T00:00:00",
"dateUpdated": "2024-08-07T07:08:38.207Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0112 (GCVE-0-2004-0112)
Vulnerability from cvelistv5
Published
2004-03-18 05:00
Modified
2024-08-08 00:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:10:03.359Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "9899",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9899"
},
{
"name": "SSRT4717",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2"
},
{
"name": "RHSA-2004:121",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-121.html"
},
{
"name": "MDKSA-2004:023",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023"
},
{
"name": "CLA-2004:834",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834"
},
{
"name": "SCOSA-2004.10",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm"
},
{
"name": "57524",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524"
},
{
"name": "SuSE-SA:2004:007",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.openssl.org/news/secadv_20040317.txt"
},
{
"name": "NetBSD-SA2004-005",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc"
},
{
"name": "O-101",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/o-101.shtml"
},
{
"name": "TA04-078A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html"
},
{
"name": "oval:org.mitre.oval:def:1049",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1049"
},
{
"name": "openssl-kerberos-ciphersuites-dos(15508)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15508"
},
{
"name": "VU#484726",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/484726"
},
{
"name": "GLSA-200403-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200403-03.xml"
},
{
"name": "oval:org.mitre.oval:def:9580",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9580"
},
{
"name": "11139",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/11139"
},
{
"name": "RHSA-2004:120",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-120.html"
},
{
"name": "20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2"
},
{
"name": "APPLE-SA-2005-08-15",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
},
{
"name": "SSA:2004-077",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961"
},
{
"name": "2004-0012",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2004/0012"
},
{
"name": "20040317 Cisco OpenSSL Implementation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=61798"
},
{
"name": "APPLE-SA-2005-08-17",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
},
{
"name": "oval:org.mitre.oval:def:928",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A928"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-03-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "9899",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9899"
},
{
"name": "SSRT4717",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2"
},
{
"name": "RHSA-2004:121",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-121.html"
},
{
"name": "MDKSA-2004:023",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023"
},
{
"name": "CLA-2004:834",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834"
},
{
"name": "SCOSA-2004.10",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm"
},
{
"name": "57524",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524"
},
{
"name": "SuSE-SA:2004:007",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.openssl.org/news/secadv_20040317.txt"
},
{
"name": "NetBSD-SA2004-005",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc"
},
{
"name": "O-101",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/o-101.shtml"
},
{
"name": "TA04-078A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html"
},
{
"name": "oval:org.mitre.oval:def:1049",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1049"
},
{
"name": "openssl-kerberos-ciphersuites-dos(15508)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15508"
},
{
"name": "VU#484726",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/484726"
},
{
"name": "GLSA-200403-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200403-03.xml"
},
{
"name": "oval:org.mitre.oval:def:9580",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9580"
},
{
"name": "11139",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/11139"
},
{
"name": "RHSA-2004:120",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-120.html"
},
{
"name": "20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2"
},
{
"name": "APPLE-SA-2005-08-15",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
},
{
"name": "SSA:2004-077",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961"
},
{
"name": "2004-0012",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2004/0012"
},
{
"name": "20040317 Cisco OpenSSL Implementation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.info.apple.com/article.html?artnum=61798"
},
{
"name": "APPLE-SA-2005-08-17",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
},
{
"name": "oval:org.mitre.oval:def:928",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A928"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0112",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "9899",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9899"
},
{
"name": "SSRT4717",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2"
},
{
"name": "RHSA-2004:121",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-121.html"
},
{
"name": "MDKSA-2004:023",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023"
},
{
"name": "CLA-2004:834",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834"
},
{
"name": "SCOSA-2004.10",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt"
},
{
"name": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm",
"refsource": "MISC",
"url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm"
},
{
"name": "57524",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524"
},
{
"name": "SuSE-SA:2004:007",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html"
},
{
"name": "http://lists.apple.com/mhonarc/security-announce/msg00045.html",
"refsource": "CONFIRM",
"url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html"
},
{
"name": "http://www.openssl.org/news/secadv_20040317.txt",
"refsource": "CONFIRM",
"url": "http://www.openssl.org/news/secadv_20040317.txt"
},
{
"name": "NetBSD-SA2004-005",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc"
},
{
"name": "O-101",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/o-101.shtml"
},
{
"name": "TA04-078A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html"
},
{
"name": "oval:org.mitre.oval:def:1049",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1049"
},
{
"name": "openssl-kerberos-ciphersuites-dos(15508)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15508"
},
{
"name": "VU#484726",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/484726"
},
{
"name": "GLSA-200403-03",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200403-03.xml"
},
{
"name": "oval:org.mitre.oval:def:9580",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9580"
},
{
"name": "11139",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11139"
},
{
"name": "RHSA-2004:120",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-120.html"
},
{
"name": "20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2"
},
{
"name": "APPLE-SA-2005-08-15",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
},
{
"name": "SSA:2004-077",
"refsource": "SLACKWARE",
"url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961"
},
{
"name": "2004-0012",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2004/0012"
},
{
"name": "20040317 Cisco OpenSSL Implementation Vulnerability",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=61798",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=61798"
},
{
"name": "APPLE-SA-2005-08-17",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
},
{
"name": "oval:org.mitre.oval:def:928",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A928"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0112",
"datePublished": "2004-03-18T05:00:00",
"dateReserved": "2004-02-02T00:00:00",
"dateUpdated": "2024-08-08T00:10:03.359Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-4480 (GCVE-0-2008-4480)
Vulnerability from cvelistv5
Published
2008-10-14 22:00
Modified
2024-08-07 10:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Heap-based buffer overflow in dhost.exe in Novell eDirectory 8.x before 8.8.3, and 8.7.3 before 8.7.3.10 ftf1, allows remote attackers to execute arbitrary code via a crafted Netware Core Protocol opcode 0x24 message that triggers a calculation error that under-allocates a heap buffer.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:17:09.792Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"name": "ADV-2008-2738",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2738"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037181.html"
},
{
"name": "4404",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4404"
},
{
"name": "32111",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32111"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-066/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3477912"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037180.html"
},
{
"name": "20081008 ZDI-08-066: Novell eDirectory Core Protocol Opcode 0x24 Heap Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/497169/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/support/php/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=7001183\u0026sliceId=1\u0026docTypeID=DT_TID_1_1\u0026dialogID=78066829\u0026stateId=0%200%2078062953"
},
{
"name": "1020990",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020990"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-10-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in dhost.exe in Novell eDirectory 8.x before 8.8.3, and 8.7.3 before 8.7.3.10 ftf1, allows remote attackers to execute arbitrary code via a crafted Netware Core Protocol opcode 0x24 message that triggers a calculation error that under-allocates a heap buffer."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"name": "ADV-2008-2738",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2738"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037181.html"
},
{
"name": "4404",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4404"
},
{
"name": "32111",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32111"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-066/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3477912"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037180.html"
},
{
"name": "20081008 ZDI-08-066: Novell eDirectory Core Protocol Opcode 0x24 Heap Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/497169/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/support/php/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=7001183\u0026sliceId=1\u0026docTypeID=DT_TID_1_1\u0026dialogID=78066829\u0026stateId=0%200%2078062953"
},
{
"name": "1020990",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020990"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4480",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in dhost.exe in Novell eDirectory 8.x before 8.8.3, and 8.7.3 before 8.7.3.10 ftf1, allows remote attackers to execute arbitrary code via a crafted Netware Core Protocol opcode 0x24 message that triggers a calculation error that under-allocates a heap buffer."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.novell.com/support/viewContent.do?externalId=3426981",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"name": "ADV-2008-2738",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2738"
},
{
"name": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037181.html",
"refsource": "CONFIRM",
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037181.html"
},
{
"name": "4404",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4404"
},
{
"name": "32111",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32111"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-08-066/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-066/"
},
{
"name": "http://www.novell.com/support/viewContent.do?externalId=3477912",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/viewContent.do?externalId=3477912"
},
{
"name": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037180.html",
"refsource": "CONFIRM",
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037180.html"
},
{
"name": "20081008 ZDI-08-066: Novell eDirectory Core Protocol Opcode 0x24 Heap Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/497169/100/0/threaded"
},
{
"name": "http://www.novell.com/support/php/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=7001183\u0026sliceId=1\u0026docTypeID=DT_TID_1_1\u0026dialogID=78066829\u0026stateId=0%200%2078062953",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/php/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=7001183\u0026sliceId=1\u0026docTypeID=DT_TID_1_1\u0026dialogID=78066829\u0026stateId=0%200%2078062953"
},
{
"name": "1020990",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020990"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4480",
"datePublished": "2008-10-14T22:00:00",
"dateReserved": "2008-10-07T00:00:00",
"dateUpdated": "2024-08-07T10:17:09.792Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-9168 (GCVE-0-2016-9168)
Vulnerability from cvelistv5
Published
2017-03-23 06:36
Modified
2024-08-06 02:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- clickjacking
Summary
A missing X-Frame-Options header in the NDS Utility Monitor in NDSD in Novell eDirectory before 9.0.2 could be used by remote attackers for clickjacking.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Novell eDirectory |
Version: Novell eDirectory |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:42:10.939Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.novell.com/support/kb/doc.php?id=7016794"
},
{
"name": "97320",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97320"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Novell eDirectory",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Novell eDirectory"
}
]
}
],
"datePublic": "2017-03-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A missing X-Frame-Options header in the NDS Utility Monitor in NDSD in Novell eDirectory before 9.0.2 could be used by remote attackers for clickjacking."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "clickjacking",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:46",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.novell.com/support/kb/doc.php?id=7016794"
},
{
"name": "97320",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97320"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2016-9168",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Novell eDirectory",
"version": {
"version_data": [
{
"version_value": "Novell eDirectory"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A missing X-Frame-Options header in the NDS Utility Monitor in NDSD in Novell eDirectory before 9.0.2 could be used by remote attackers for clickjacking."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "clickjacking"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.novell.com/support/kb/doc.php?id=7016794",
"refsource": "CONFIRM",
"url": "https://www.novell.com/support/kb/doc.php?id=7016794"
},
{
"name": "97320",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97320"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2016-9168",
"datePublished": "2017-03-23T06:36:00",
"dateReserved": "2016-11-03T00:00:00",
"dateUpdated": "2024-08-06T02:42:10.939Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-2496 (GCVE-0-2006-2496)
Vulnerability from cvelistv5
Published
2006-05-20 02:59
Modified
2024-08-07 17:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in iMonitor 2.4 in Novell eDirectory 8.8 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unknown attack vectors.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:51:04.625Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "18026",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18026"
},
{
"name": "ADV-2006-1850",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/1850"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2973759.htm"
},
{
"name": "20060522 ZDI-06-016: Novell eDirectory 8.8 NDS Server Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/434723/100/0/threaded"
},
{
"name": "novell-imonitor-bo(26524)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26524"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-016.html"
},
{
"name": "20139",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20139"
},
{
"name": "25781",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/25781"
},
{
"name": "1016120",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016120"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-05-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in iMonitor 2.4 in Novell eDirectory 8.8 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unknown attack vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "18026",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18026"
},
{
"name": "ADV-2006-1850",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/1850"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2973759.htm"
},
{
"name": "20060522 ZDI-06-016: Novell eDirectory 8.8 NDS Server Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/434723/100/0/threaded"
},
{
"name": "novell-imonitor-bo(26524)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26524"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-016.html"
},
{
"name": "20139",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20139"
},
{
"name": "25781",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/25781"
},
{
"name": "1016120",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016120"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2496",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in iMonitor 2.4 in Novell eDirectory 8.8 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unknown attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "18026",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18026"
},
{
"name": "ADV-2006-1850",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1850"
},
{
"name": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2973759.htm",
"refsource": "CONFIRM",
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2973759.htm"
},
{
"name": "20060522 ZDI-06-016: Novell eDirectory 8.8 NDS Server Buffer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/434723/100/0/threaded"
},
{
"name": "novell-imonitor-bo(26524)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26524"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-06-016.html",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-016.html"
},
{
"name": "20139",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20139"
},
{
"name": "25781",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/25781"
},
{
"name": "1016120",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016120"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-2496",
"datePublished": "2006-05-20T02:59:00",
"dateReserved": "2006-05-19T00:00:00",
"dateUpdated": "2024-08-07T17:51:04.625Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-4478 (GCVE-0-2008-4478)
Vulnerability from cvelistv5
Published
2008-10-14 22:00
Modified
2024-08-07 10:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple integer overflows in dhost.exe in Novell eDirectory 8.8 before 8.8.3, and 8.73 before 8.7.3.10 ftf1, allow remote attackers to execute arbitrary code via a crafted (1) Content-Length header in a SOAP request or (2) Netware Core Protocol opcode 0x0F message, which triggers a heap-based buffer overflow.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:17:09.824Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-065"
},
{
"name": "4406",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4406"
},
{
"name": "novell-edirectory-httpcontentlength-dos(45628)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45628"
},
{
"name": "1020989",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020989"
},
{
"name": "ADV-2008-2738",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2738"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037181.html"
},
{
"name": "32111",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32111"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-063"
},
{
"name": "20081008 ZDI-08-063: Novell eDirectory dhost.exe Content-Length Header Heap Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/497163/100/0/threaded"
},
{
"name": "20081008 ZDI-08-065: Novell eDirectory Core Protocol Opcode 0x0F Heap Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/497165/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037180.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/support/php/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=7000087\u0026sliceId=1\u0026docTypeID=DT_TID_1_1\u0026dialogID=78066829\u0026stateId=0%200%2078062953"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/support/php/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=7001184\u0026sliceId=1\u0026docTypeID=DT_TID_1_1\u0026dialogID=78066829\u0026stateId=0%200%2078062953"
},
{
"name": "1020990",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020990"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-10-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in dhost.exe in Novell eDirectory 8.8 before 8.8.3, and 8.73 before 8.7.3.10 ftf1, allow remote attackers to execute arbitrary code via a crafted (1) Content-Length header in a SOAP request or (2) Netware Core Protocol opcode 0x0F message, which triggers a heap-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-065"
},
{
"name": "4406",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4406"
},
{
"name": "novell-edirectory-httpcontentlength-dos(45628)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45628"
},
{
"name": "1020989",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020989"
},
{
"name": "ADV-2008-2738",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2738"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037181.html"
},
{
"name": "32111",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32111"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-063"
},
{
"name": "20081008 ZDI-08-063: Novell eDirectory dhost.exe Content-Length Header Heap Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/497163/100/0/threaded"
},
{
"name": "20081008 ZDI-08-065: Novell eDirectory Core Protocol Opcode 0x0F Heap Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/497165/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037180.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/support/php/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=7000087\u0026sliceId=1\u0026docTypeID=DT_TID_1_1\u0026dialogID=78066829\u0026stateId=0%200%2078062953"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/support/php/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=7001184\u0026sliceId=1\u0026docTypeID=DT_TID_1_1\u0026dialogID=78066829\u0026stateId=0%200%2078062953"
},
{
"name": "1020990",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020990"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4478",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple integer overflows in dhost.exe in Novell eDirectory 8.8 before 8.8.3, and 8.73 before 8.7.3.10 ftf1, allow remote attackers to execute arbitrary code via a crafted (1) Content-Length header in a SOAP request or (2) Netware Core Protocol opcode 0x0F message, which triggers a heap-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-08-065",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-065"
},
{
"name": "4406",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4406"
},
{
"name": "novell-edirectory-httpcontentlength-dos(45628)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45628"
},
{
"name": "1020989",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020989"
},
{
"name": "ADV-2008-2738",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2738"
},
{
"name": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037181.html",
"refsource": "CONFIRM",
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037181.html"
},
{
"name": "32111",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32111"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-08-063",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-063"
},
{
"name": "20081008 ZDI-08-063: Novell eDirectory dhost.exe Content-Length Header Heap Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/497163/100/0/threaded"
},
{
"name": "20081008 ZDI-08-065: Novell eDirectory Core Protocol Opcode 0x0F Heap Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/497165/100/0/threaded"
},
{
"name": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037180.html",
"refsource": "CONFIRM",
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037180.html"
},
{
"name": "http://www.novell.com/support/php/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=7000087\u0026sliceId=1\u0026docTypeID=DT_TID_1_1\u0026dialogID=78066829\u0026stateId=0%200%2078062953",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/php/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=7000087\u0026sliceId=1\u0026docTypeID=DT_TID_1_1\u0026dialogID=78066829\u0026stateId=0%200%2078062953"
},
{
"name": "http://www.novell.com/support/php/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=7001184\u0026sliceId=1\u0026docTypeID=DT_TID_1_1\u0026dialogID=78066829\u0026stateId=0%200%2078062953",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/php/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=7001184\u0026sliceId=1\u0026docTypeID=DT_TID_1_1\u0026dialogID=78066829\u0026stateId=0%200%2078062953"
},
{
"name": "1020990",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020990"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4478",
"datePublished": "2008-10-14T22:00:00",
"dateReserved": "2008-10-07T00:00:00",
"dateUpdated": "2024-08-07T10:17:09.824Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-4479 (GCVE-0-2008-4479)
Vulnerability from cvelistv5
Published
2008-10-14 22:00
Modified
2024-08-07 10:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Heap-based buffer overflow in dhost.exe in Novell eDirectory 8.8 before 8.8.3, and 8.7.3 before 8.7.3.10 ftf1, allows remote attackers to execute arbitrary code via a SOAP request with a long Accept-Language header.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:17:09.681Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/support/php/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=7000086\u0026sliceId=1\u0026docTypeID=DT_TID_1_1\u0026dialogID=78066829\u0026stateId=0%200%2078062953"
},
{
"name": "1020989",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020989"
},
{
"name": "ADV-2008-2738",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2738"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-064"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037181.html"
},
{
"name": "20081008 ZDI-08-064: Novell eDirectory dhost.exe Accept Language Header Heap Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/497164/100/0/threaded"
},
{
"name": "32111",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32111"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037180.html"
},
{
"name": "4405",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4405"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-10-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in dhost.exe in Novell eDirectory 8.8 before 8.8.3, and 8.7.3 before 8.7.3.10 ftf1, allows remote attackers to execute arbitrary code via a SOAP request with a long Accept-Language header."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/support/php/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=7000086\u0026sliceId=1\u0026docTypeID=DT_TID_1_1\u0026dialogID=78066829\u0026stateId=0%200%2078062953"
},
{
"name": "1020989",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020989"
},
{
"name": "ADV-2008-2738",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2738"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-064"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037181.html"
},
{
"name": "20081008 ZDI-08-064: Novell eDirectory dhost.exe Accept Language Header Heap Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/497164/100/0/threaded"
},
{
"name": "32111",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32111"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037180.html"
},
{
"name": "4405",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4405"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4479",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in dhost.exe in Novell eDirectory 8.8 before 8.8.3, and 8.7.3 before 8.7.3.10 ftf1, allows remote attackers to execute arbitrary code via a SOAP request with a long Accept-Language header."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.novell.com/support/php/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=7000086\u0026sliceId=1\u0026docTypeID=DT_TID_1_1\u0026dialogID=78066829\u0026stateId=0%200%2078062953",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/php/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=7000086\u0026sliceId=1\u0026docTypeID=DT_TID_1_1\u0026dialogID=78066829\u0026stateId=0%200%2078062953"
},
{
"name": "1020989",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020989"
},
{
"name": "ADV-2008-2738",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2738"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-08-064",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-064"
},
{
"name": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037181.html",
"refsource": "CONFIRM",
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037181.html"
},
{
"name": "20081008 ZDI-08-064: Novell eDirectory dhost.exe Accept Language Header Heap Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/497164/100/0/threaded"
},
{
"name": "32111",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32111"
},
{
"name": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037180.html",
"refsource": "CONFIRM",
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037180.html"
},
{
"name": "4405",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4405"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4479",
"datePublished": "2008-10-14T22:00:00",
"dateReserved": "2008-10-07T00:00:00",
"dateUpdated": "2024-08-07T10:17:09.681Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0081 (GCVE-0-2004-0081)
Vulnerability from cvelistv5
Published
2004-03-18 05:00
Modified
2024-08-08 00:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:01:23.650Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "9899",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9899"
},
{
"name": "ESA-20040317-003",
"tags": [
"vendor-advisory",
"x_refsource_ENGARDE",
"x_transferred"
],
"url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html"
},
{
"name": "20040317 Re: New OpenSSL releases fix denial of service attacks [17 March 2004]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107955049331965\u0026w=2"
},
{
"name": "RHSA-2004:121",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-121.html"
},
{
"name": "CLA-2004:834",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834"
},
{
"name": "SCOSA-2004.10",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt"
},
{
"name": "20040304-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040304-01-U.asc"
},
{
"name": "openssl-tls-dos(15509)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15509"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm"
},
{
"name": "FEDORA-2004-095",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml"
},
{
"name": "57524",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524"
},
{
"name": "oval:org.mitre.oval:def:871",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A871"
},
{
"name": "oval:org.mitre.oval:def:11755",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11755"
},
{
"name": "VU#465542",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/465542"
},
{
"name": "TA04-078A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html"
},
{
"name": "GLSA-200403-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200403-03.xml"
},
{
"name": "11139",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/11139"
},
{
"name": "RHSA-2004:120",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-120.html"
},
{
"name": "RHSA-2004:119",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2004-119.html"
},
{
"name": "oval:org.mitre.oval:def:902",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A902"
},
{
"name": "RHSA-2004:139",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-139.html"
},
{
"name": "2004-0012",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2004/0012"
},
{
"name": "20040508 [FLSA-2004:1395] Updated OpenSSL resolves security vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108403850228012\u0026w=2"
},
{
"name": "20040317 Cisco OpenSSL Implementation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml"
},
{
"name": "DSA-465",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-465"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-03-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "9899",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9899"
},
{
"name": "ESA-20040317-003",
"tags": [
"vendor-advisory",
"x_refsource_ENGARDE"
],
"url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html"
},
{
"name": "20040317 Re: New OpenSSL releases fix denial of service attacks [17 March 2004]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107955049331965\u0026w=2"
},
{
"name": "RHSA-2004:121",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-121.html"
},
{
"name": "CLA-2004:834",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834"
},
{
"name": "SCOSA-2004.10",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt"
},
{
"name": "20040304-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040304-01-U.asc"
},
{
"name": "openssl-tls-dos(15509)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15509"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm"
},
{
"name": "FEDORA-2004-095",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml"
},
{
"name": "57524",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524"
},
{
"name": "oval:org.mitre.oval:def:871",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A871"
},
{
"name": "oval:org.mitre.oval:def:11755",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11755"
},
{
"name": "VU#465542",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/465542"
},
{
"name": "TA04-078A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html"
},
{
"name": "GLSA-200403-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200403-03.xml"
},
{
"name": "11139",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/11139"
},
{
"name": "RHSA-2004:120",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-120.html"
},
{
"name": "RHSA-2004:119",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2004-119.html"
},
{
"name": "oval:org.mitre.oval:def:902",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A902"
},
{
"name": "RHSA-2004:139",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-139.html"
},
{
"name": "2004-0012",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2004/0012"
},
{
"name": "20040508 [FLSA-2004:1395] Updated OpenSSL resolves security vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108403850228012\u0026w=2"
},
{
"name": "20040317 Cisco OpenSSL Implementation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml"
},
{
"name": "DSA-465",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-465"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0081",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "9899",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9899"
},
{
"name": "ESA-20040317-003",
"refsource": "ENGARDE",
"url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html"
},
{
"name": "20040317 Re: New OpenSSL releases fix denial of service attacks [17 March 2004]",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=107955049331965\u0026w=2"
},
{
"name": "RHSA-2004:121",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-121.html"
},
{
"name": "CLA-2004:834",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834"
},
{
"name": "SCOSA-2004.10",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt"
},
{
"name": "20040304-01-U",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040304-01-U.asc"
},
{
"name": "openssl-tls-dos(15509)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15509"
},
{
"name": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm",
"refsource": "MISC",
"url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm"
},
{
"name": "FEDORA-2004-095",
"refsource": "FEDORA",
"url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml"
},
{
"name": "57524",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524"
},
{
"name": "oval:org.mitre.oval:def:871",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A871"
},
{
"name": "oval:org.mitre.oval:def:11755",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11755"
},
{
"name": "VU#465542",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/465542"
},
{
"name": "TA04-078A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html"
},
{
"name": "GLSA-200403-03",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200403-03.xml"
},
{
"name": "11139",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11139"
},
{
"name": "RHSA-2004:120",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-120.html"
},
{
"name": "RHSA-2004:119",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2004-119.html"
},
{
"name": "oval:org.mitre.oval:def:902",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A902"
},
{
"name": "RHSA-2004:139",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-139.html"
},
{
"name": "2004-0012",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2004/0012"
},
{
"name": "20040508 [FLSA-2004:1395] Updated OpenSSL resolves security vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108403850228012\u0026w=2"
},
{
"name": "20040317 Cisco OpenSSL Implementation Vulnerability",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml"
},
{
"name": "DSA-465",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-465"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0081",
"datePublished": "2004-03-18T05:00:00",
"dateReserved": "2004-01-19T00:00:00",
"dateUpdated": "2024-08-08T00:01:23.650Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0666 (GCVE-0-2010-0666)
Vulnerability from cvelistv5
Published
2010-02-19 17:00
Modified
2024-09-17 03:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in eMBox in Novell eDirectory 8.8 SP5 Patch 2 and earlier allows remote attackers to cause a denial of service (crash) via unknown a crafted SOAP request, a different issue than CVE-2008-0926.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:59:38.266Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"name": "1023558",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023558"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/support/php/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=InfoDocument-patchbuilder-readme5067743\u0026sliceId=\u0026docTypeID=DT_SUSESDB_PSDB_1_1\u0026dialogID=122457794\u0026stateId=0%200%20122459671"
},
{
"name": "ADV-2010-0334",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0334"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in eMBox in Novell eDirectory 8.8 SP5 Patch 2 and earlier allows remote attackers to cause a denial of service (crash) via unknown a crafted SOAP request, a different issue than CVE-2008-0926."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-02-19T17:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"name": "1023558",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023558"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/support/php/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=InfoDocument-patchbuilder-readme5067743\u0026sliceId=\u0026docTypeID=DT_SUSESDB_PSDB_1_1\u0026dialogID=122457794\u0026stateId=0%200%20122459671"
},
{
"name": "ADV-2010-0334",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0334"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0666",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in eMBox in Novell eDirectory 8.8 SP5 Patch 2 and earlier allows remote attackers to cause a denial of service (crash) via unknown a crafted SOAP request, a different issue than CVE-2008-0926."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.novell.com/support/viewContent.do?externalId=3426981",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"name": "1023558",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023558"
},
{
"name": "http://www.novell.com/support/php/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=InfoDocument-patchbuilder-readme5067743\u0026sliceId=\u0026docTypeID=DT_SUSESDB_PSDB_1_1\u0026dialogID=122457794\u0026stateId=0%200%20122459671",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/php/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=InfoDocument-patchbuilder-readme5067743\u0026sliceId=\u0026docTypeID=DT_SUSESDB_PSDB_1_1\u0026dialogID=122457794\u0026stateId=0%200%20122459671"
},
{
"name": "ADV-2010-0334",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0334"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0666",
"datePublished": "2010-02-19T17:00:00Z",
"dateReserved": "2010-02-19T00:00:00Z",
"dateUpdated": "2024-09-17T03:12:27.054Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-2119 (GCVE-0-2002-2119)
Vulnerability from cvelistv5
Published
2005-08-05 04:00
Modified
2024-09-16 16:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Novell eDirectory 8.6.2 and 8.7 use case insensitive passwords, which makes it easier for remote attackers to conduct brute force password guessing.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:51:17.525Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20020530 Security Implications of Novell eDirectory.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-05/0273.html"
},
{
"name": "novell-edirectory-insecure-passwords(9229)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9229.php"
},
{
"name": "4893",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4893"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Novell eDirectory 8.6.2 and 8.7 use case insensitive passwords, which makes it easier for remote attackers to conduct brute force password guessing."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-08-05T04:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20020530 Security Implications of Novell eDirectory.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-05/0273.html"
},
{
"name": "novell-edirectory-insecure-passwords(9229)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9229.php"
},
{
"name": "4893",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4893"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2119",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Novell eDirectory 8.6.2 and 8.7 use case insensitive passwords, which makes it easier for remote attackers to conduct brute force password guessing."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020530 Security Implications of Novell eDirectory.",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-05/0273.html"
},
{
"name": "novell-edirectory-insecure-passwords(9229)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9229.php"
},
{
"name": "4893",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4893"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2119",
"datePublished": "2005-08-05T04:00:00Z",
"dateReserved": "2005-08-05T00:00:00Z",
"dateUpdated": "2024-09-16T16:27:39.871Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5479 (GCVE-0-2006-5479)
Vulnerability from cvelistv5
Published
2006-10-24 20:00
Modified
2024-09-16 17:08
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The NCP Engine in Novell eDirectory before 8.7.3.8 FTF1 allows remote attackers to cause an unspecified denial of service via a certain "NCP Fragment."
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:55:52.622Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974600.htm"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The NCP Engine in Novell eDirectory before 8.7.3.8 FTF1 allows remote attackers to cause an unspecified denial of service via a certain \"NCP Fragment.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-10-24T20:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974600.htm"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5479",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The NCP Engine in Novell eDirectory before 8.7.3.8 FTF1 allows remote attackers to cause an unspecified denial of service via a certain \"NCP Fragment.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974600.htm",
"refsource": "CONFIRM",
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974600.htm"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5479",
"datePublished": "2006-10-24T20:00:00Z",
"dateReserved": "2006-10-24T00:00:00Z",
"dateUpdated": "2024-09-16T17:08:22.705Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-0927 (GCVE-0-2008-0927)
Vulnerability from cvelistv5
Published
2008-04-14 16:00
Modified
2024-08-07 08:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
dhost.exe in Novell eDirectory 8.7.3 before sp10 and 8.8.2 allows remote attackers to cause a denial of service (CPU consumption) via an HTTP request with (1) multiple Connection headers or (2) a Connection header with multiple comma-separated values. NOTE: this might be similar to CVE-2008-1777.
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:01:40.113Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20080505 Novell eDirectory DoS via HTTP headers",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/491622/100/0/threaded"
},
{
"name": "1019836",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019836"
},
{
"name": "29805",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29805"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3829452\u0026sliceId=1"
},
{
"name": "ADV-2008-1217",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1217/references"
},
{
"name": "novell-edirectory-dhost-dos(41787)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41787"
},
{
"name": "28757",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28757"
},
{
"name": "5547",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/5547"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-04-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "dhost.exe in Novell eDirectory 8.7.3 before sp10 and 8.8.2 allows remote attackers to cause a denial of service (CPU consumption) via an HTTP request with (1) multiple Connection headers or (2) a Connection header with multiple comma-separated values. NOTE: this might be similar to CVE-2008-1777."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20080505 Novell eDirectory DoS via HTTP headers",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/491622/100/0/threaded"
},
{
"name": "1019836",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019836"
},
{
"name": "29805",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29805"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3829452\u0026sliceId=1"
},
{
"name": "ADV-2008-1217",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1217/references"
},
{
"name": "novell-edirectory-dhost-dos(41787)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41787"
},
{
"name": "28757",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28757"
},
{
"name": "5547",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/5547"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-0927",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "dhost.exe in Novell eDirectory 8.7.3 before sp10 and 8.8.2 allows remote attackers to cause a denial of service (CPU consumption) via an HTTP request with (1) multiple Connection headers or (2) a Connection header with multiple comma-separated values. NOTE: this might be similar to CVE-2008-1777."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20080505 Novell eDirectory DoS via HTTP headers",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/491622/100/0/threaded"
},
{
"name": "1019836",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019836"
},
{
"name": "29805",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29805"
},
{
"name": "http://www.novell.com/support/viewContent.do?externalId=3829452\u0026sliceId=1",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/viewContent.do?externalId=3829452\u0026sliceId=1"
},
{
"name": "ADV-2008-1217",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1217/references"
},
{
"name": "novell-edirectory-dhost-dos(41787)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41787"
},
{
"name": "28757",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28757"
},
{
"name": "5547",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/5547"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-0927",
"datePublished": "2008-04-14T16:00:00",
"dateReserved": "2008-02-25T00:00:00",
"dateUpdated": "2024-08-07T08:01:40.113Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4510 (GCVE-0-2006-4510)
Vulnerability from cvelistv5
Published
2006-10-24 19:00
Modified
2024-08-07 19:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The evtFilteredMonitorEventsRequest function in the LDAP service in Novell eDirectory before 8.8.1 FTF1 allows remote attackers to execute arbitrary code via a crafted request containing a value that is larger than the number of objects transmitted, which triggers an invalid free of unallocated memory.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:14:47.331Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20663",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20663"
},
{
"name": "edirectory-eventsrequest-code-execution(29752)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29752"
},
{
"name": "20061022 Novell eDirectory evtFilteredMonitorEventsRequest Invalid Free Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=428"
},
{
"name": "22506",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22506"
},
{
"name": "1017104",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017104"
},
{
"name": "ADV-2006-4142",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4142"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-10-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The evtFilteredMonitorEventsRequest function in the LDAP service in Novell eDirectory before 8.8.1 FTF1 allows remote attackers to execute arbitrary code via a crafted request containing a value that is larger than the number of objects transmitted, which triggers an invalid free of unallocated memory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20663",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20663"
},
{
"name": "edirectory-eventsrequest-code-execution(29752)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29752"
},
{
"name": "20061022 Novell eDirectory evtFilteredMonitorEventsRequest Invalid Free Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=428"
},
{
"name": "22506",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22506"
},
{
"name": "1017104",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017104"
},
{
"name": "ADV-2006-4142",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4142"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4510",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The evtFilteredMonitorEventsRequest function in the LDAP service in Novell eDirectory before 8.8.1 FTF1 allows remote attackers to execute arbitrary code via a crafted request containing a value that is larger than the number of objects transmitted, which triggers an invalid free of unallocated memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20663",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20663"
},
{
"name": "edirectory-eventsrequest-code-execution(29752)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29752"
},
{
"name": "20061022 Novell eDirectory evtFilteredMonitorEventsRequest Invalid Free Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=428"
},
{
"name": "22506",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22506"
},
{
"name": "1017104",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017104"
},
{
"name": "ADV-2006-4142",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4142"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4510",
"datePublished": "2006-10-24T19:00:00",
"dateReserved": "2006-08-31T00:00:00",
"dateUpdated": "2024-08-07T19:14:47.331Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0192 (GCVE-0-2009-0192)
Vulnerability from cvelistv5
Published
2009-07-14 20:16
Modified
2024-08-07 04:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Off-by-one error in the iMonitor component in Novell eDirectory 8.8 SP3, 8.8 SP3 FTF3, and possibly other versions allows remote attackers to execute arbitrary code via an HTTP request with a crafted Accept-Language header, which triggers a stack-based buffer overflow.
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:24:18.245Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "34160",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34160"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"name": "edirectory-imonitor-acceptlanguage-bo(51703)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51703"
},
{
"name": "20090714 Secunia Research: Novell eDirectory iMonitor \"Accept-Language\" Buffer Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/504924/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2009-13/"
},
{
"name": "55847",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/55847"
},
{
"name": "35666",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/35666"
},
{
"name": "ADV-2009-1883",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1883"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-07-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Off-by-one error in the iMonitor component in Novell eDirectory 8.8 SP3, 8.8 SP3 FTF3, and possibly other versions allows remote attackers to execute arbitrary code via an HTTP request with a crafted Accept-Language header, which triggers a stack-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"name": "34160",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34160"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"name": "edirectory-imonitor-acceptlanguage-bo(51703)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51703"
},
{
"name": "20090714 Secunia Research: Novell eDirectory iMonitor \"Accept-Language\" Buffer Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/504924/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2009-13/"
},
{
"name": "55847",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/55847"
},
{
"name": "35666",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/35666"
},
{
"name": "ADV-2009-1883",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1883"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2009-0192",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Off-by-one error in the iMonitor component in Novell eDirectory 8.8 SP3, 8.8 SP3 FTF3, and possibly other versions allows remote attackers to execute arbitrary code via an HTTP request with a crafted Accept-Language header, which triggers a stack-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "34160",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34160"
},
{
"name": "http://www.novell.com/support/viewContent.do?externalId=3426981",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"name": "edirectory-imonitor-acceptlanguage-bo(51703)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51703"
},
{
"name": "20090714 Secunia Research: Novell eDirectory iMonitor \"Accept-Language\" Buffer Overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/504924/100/0/threaded"
},
{
"name": "http://secunia.com/secunia_research/2009-13/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2009-13/"
},
{
"name": "55847",
"refsource": "OSVDB",
"url": "http://osvdb.org/55847"
},
{
"name": "35666",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35666"
},
{
"name": "ADV-2009-1883",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1883"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2009-0192",
"datePublished": "2009-07-14T20:16:00",
"dateReserved": "2009-01-20T00:00:00",
"dateUpdated": "2024-08-07T04:24:18.245Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}