Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3159

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2008-3159
Last Modified 07 Mar 2011 10:10:18
Published 14 Jul 2008 02:41:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-3159

Summary

Integer overflow in ds.dlm, as used by dhost.exe, in Novell eDirectory 8.7.3.10 before 8.7.3 SP10b and 8.8 before 8.8.2 ftf2 allows remote attackers to execute arbitrary code via unspecified vectors that trigger a stack-based buffer overflow, related to "flawed arithmetic."

Vulnerable Systems

Application

  • Novell Edirectory 8.7.3

  • Novell Edirectory 8.8


References

XF - novell-edirectory-dsdlm-bo(43589)

MISC - http://www.zerodayinitiative.com/advisories/ZDI-08-041/

VUPEN - ADV-2008-1999

BID - 30085

CONFIRM - http://www.novell.com/support/search.do?cmd=displayKC&sliceId=SAL_Public&externalId=3694858

SECTRACK - 1020431

SECUNIA - 30938


Last Updated: 27 May 2016 10:48:06