Lucene search

[email protected]CVE-2006-4510

HistoryOct 24, 2006 - 7:07 p.m.

CVE-2006-4510

2006-10-2419:07:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-4510

novell edirectory

ldap

remote code execution

security vulnerability

nvd

7.6 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.909 High

EPSS

Percentile

98.8%

JSON

The evtFilteredMonitorEventsRequest function in the LDAP service in Novell eDirectory before 8.8.1 FTF1 allows remote attackers to execute arbitrary code via a crafted request containing a value that is larger than the number of objects transmitted, which triggers an invalid free of unallocated memory.

CPENameOperatorVersion
novell:edirectorynovell edirectoryeq8.8
novell:edirectorynovell edirectoryeq8.8.1

CPE	Name	Operator	Version
novell:edirectory	novell edirectory	eq	8.8
novell:edirectory	novell edirectory	eq	8.8.1

References

labs.idefense.com/intelligence/vulnerabilities/display.php?id=428

secunia.com/advisories/22506

securitytracker.com/id?1017104

www.securityfocus.com/bid/20663

www.vupen.com/english/advisories/2006/4142

exchange.xforce.ibmcloud.com/vulnerabilities/29752

7.6 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.909 High

EPSS

Percentile

98.8%

JSON

Related for CVE-2006-4510

checkpoint_advisories5 securityvulns1