Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5092

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2008-5092
Last Modified 30 Oct 2012 11:06:46
Published 14 Nov 2008 02:20:54
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-5092

Summary

Heap-based buffer overflows in Novell eDirectory HTTP protocol stack (HTTPSTK) before 8.8 SP3 have unknown impact and attack vectors related to the (1) HTTP language header and (2) HTTP content-length header.

Vulnerable Systems

Application

  • Novell Edirectory 8.0

  • Novell Edirectory 8.5

  • Novell Edirectory 8.5.12a

  • Novell Edirectory 8.5.27

  • Novell Edirectory 8.6.2

  • Novell Edirectory 8.7

  • Novell Edirectory 8.7.1

  • Novell Edirectory 8.7.3

  • Novell Edirectory 8.7.3.10

  • Novell Edirectory 8.7.3.8

  • Novell Edirectory 8.7.3.8 Presp9

  • Novell Edirectory 8.7.3.9

  • Novell Edirectory 8.8

  • Novell Edirectory 8.8.1

  • Novell Edirectory 8.8.2

  • Novell Edirectory 85.20


References

VUPEN - ADV-2008-2462

SECTRACK - 1020786

CONFIRM - http://www.novell.com/support/viewContent.do?externalId=3426981

BID - 30947


Last Updated: 27 May 2016 10:49:47