Lucene search

[email protected]CVE-2008-2145

HistoryMay 12, 2008 - 7:20 p.m.

CVE-2008-2145

2008-05-1219:20:00

CWE-119

[email protected]

web.nvd.nist.gov

novell client

buffer overflow

denial of service

arbitrary code

cve-2008-2145

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

23.1%

JSON

Stack-based buffer overflow in Novell Client 4.91 SP4 and earlier allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long username in the “forgotten password” dialog.

Affected configurations

NVD

Node

novellclientMatch4.91sp1

novellclientMatch4.91sp2

novellclientMatch4.91sp3

novellclientMatch4.91sp4

CPENameOperatorVersion
novell:clientnovell clienteq4.91

CPE	Name	Operator	Version
novell:client	novell client	eq	4.91

References

secunia.com/advisories/30126

securityreason.com/securityalert/3868

www.securityfocus.com/archive/1/491814/100/0/threaded

www.securityfocus.com/bid/29109

www.securitytracker.com/id?1020020

www.vupen.com/english/advisories/2008/1503

exchange.xforce.ibmcloud.com/vulnerabilities/42359

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

23.1%

JSON

Related for CVE-2008-2145

nvd1 prion1 cvelist1