Lucene search

[email protected]CVE-2008-3159

HistoryJul 14, 2008 - 6:41 p.m.

CVE-2008-3159

2008-07-1418:41:00

CWE-189

[email protected]

web.nvd.nist.gov

cve-2008-3159

integer overflow

ds.dlm

novell edirectory

remote code execution

stack-based buffer overflow

nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8.1 High

AI Score

Confidence

Low

0.285 Low

EPSS

Percentile

96.9%

JSON

Integer overflow in ds.dlm, as used by dhost.exe, in Novell eDirectory 8.7.3.10 before 8.7.3 SP10b and 8.8 before 8.8.2 ftf2 allows remote attackers to execute arbitrary code via unspecified vectors that trigger a stack-based buffer overflow, related to “flawed arithmetic.”

Affected configurations

NVD

Node

novelledirectoryMatch8.7.3

novelledirectoryMatch8.8

CPENameOperatorVersion
novell:edirectorynovell edirectoryeq8.7.3
novell:edirectorynovell edirectoryeq8.8

CPE	Name	Operator	Version
novell:edirectory	novell edirectory	eq	8.7.3
novell:edirectory	novell edirectory	eq	8.8

References

secunia.com/advisories/30938

securitytracker.com/id?1020431

www.novell.com/support/search.do?cmd=displayKC&sliceId=SAL_Public&externalId=3694858

www.securityfocus.com/bid/30085

www.vupen.com/english/advisories/2008/1999

www.zerodayinitiative.com/advisories/ZDI-08-041/

exchange.xforce.ibmcloud.com/vulnerabilities/43589

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8.1 High

AI Score

Confidence

Low

0.285 Low

EPSS

Percentile

96.9%

JSON

Related for CVE-2008-3159

nvd1 cvelist1 prion1 zdi1 nessus1