Lucene search

PRIOn knowledge basePRION:CVE-2008-0926

HistoryMar 28, 2008 - 6:44 p.m.

Authentication flaw

2008-03-2818:44:00

PRIOn knowledge base

www.prio-n.com

7.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.346 Low

EPSS

Percentile

97.0%

JSON

The SOAP interface to the eMBox module in Novell eDirectory 8.7.3.9 and earlier, and 8.8.x before 8.8.2, relies on client-side authentication, which allows remote attackers to bypass authentication via requests for /SOAP URIs, and cause a denial of service (daemon shutdown) or read arbitrary files. NOTE: it was later reported that 8.7.3.10 (aka 8.7.3 SP10) is also affected.

CPENameOperatorVersion
edirectoryeq8.7.3.9
edirectoryeq8.6.2
edirectoryeq8.5.27
edirectoryeq8.7
edirectoryeq8.8
edirectoryeq8.7.3
edirectoryeq8.5.1297
edirectoryeq8.5
edirectoryeq8.7.38-presp9
edirectoryeq8.7.1

Name	Operator	Version
edirectory	eq	8.7.3.9
edirectory	eq	8.6.2
edirectory	eq	8.5.27
edirectory	eq	8.7
edirectory	eq	8.8
edirectory	eq	8.7.3
edirectory	eq	8.5.1297
edirectory	eq	8.5
edirectory	eq	8.7.38-presp9
edirectory	eq	8.7.1

Rows per page:

1-10 of 131

References

secunia.com/advisories/29527

www.securityfocus.com/archive/1/491621/100/0/threaded

www.securityfocus.com/bid/28441

www.securitytracker.com/id?1019691

www.vupen.com/english/advisories/2008/0988/references

exchange.xforce.ibmcloud.com/vulnerabilities/41426

secure-support.novell.com/KanisaPlatform/Publishing/876/3866911_f.SAL_Public.html

7.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.346 Low

EPSS

Percentile

97.0%

JSON

Related for PRION:CVE-2008-0926