Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5091

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2008-5091
Last Modified 30 Oct 2012 11:06:46
Published 14 Nov 2008 02:20:54
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-5091

Summary

Buffer overflow in the LDAP Service in Novell eDirectory 8.7.3 before SP10a and 8.8 before SP3 allows attackers to cause a denial of service (application crash) via vectors involving an "invalid extensibleMatch filter."

Vulnerable Systems

Application

  • Novell Edirectory 8.0

  • Novell Edirectory 8.5

  • Novell Edirectory 8.5.12a

  • Novell Edirectory 8.5.27

  • Novell Edirectory 8.6.2

  • Novell Edirectory 8.7

  • Novell Edirectory 8.7.1

  • Novell Edirectory 8.7.3

  • Novell Edirectory 8.7.3.10

  • Novell Edirectory 8.7.3.8

  • Novell Edirectory 8.7.3.8 Presp9

  • Novell Edirectory 8.7.3.9

  • Novell Edirectory 8.8

  • Novell Edirectory 8.8.1

  • Novell Edirectory 8.8.2


References

MISC - https://bugzilla.novell.com/show_bug.cgi?id=373853

XF - novell-edirectory-extensiblematch-dos(43590)

VUPEN - ADV-2008-2462

SECTRACK - 1020788

CONFIRM - http://www.novell.com/support/viewContent.do?externalId=3477912

CONFIRM - http://www.novell.com/support/viewContent.do?externalId=3426981

CONFIRM - http://www.novell.com/documentation/edir873/sp10_readme/netware/readme.txt

BID - 30947


Last Updated: 27 May 2016 10:49:47