Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1809

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2008-1809
Last Modified 07 Mar 2011 10:07:40
Published 14 Jul 2008 02:41:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-1809

Summary

Heap-based buffer overflow in Novell eDirectory 8.7.3 before 8.7.3.10b, and 8.8 before 8.8.2 FTF2, allows remote attackers to execute arbitrary code via an LDAP search request containing "NULL search parameters."

Vulnerable Systems

Application

  • Novell Edirectory 8.7.3

  • Novell Edirectory 8.8


References

CONFIRM - http://www.novell.com/support/viewContent.do?externalId=3843876

XF - novell-edirectory-ldap-bo(43716)

VUPEN - ADV-2008-2062

SECTRACK - 1020470

BID - 30175

SECUNIA - 31036

IDEFENSE - 20080709 Novell eDirectory LDAP Search Request Heap Corruption Vulnerability


Last Updated: 27 May 2016 10:47:40