805 matches found
CVE-2008-5038
Use-after-free vulnerability in the NetWare Core Protocol NCP feature in Novell eDirectory 8.7.3 SP10 before 8.7.3 SP10 FTF1 and 8.8 SP2 for Windows allows remote attackers to cause a denial of service and possibly execute arbitrary code via a sequence of "Get NCP Extension Information By Name"...
Design/Logic Flaw
Use-after-free vulnerability in the NetWare Core Protocol NCP feature in Novell eDirectory 8.7.3 SP10 before 8.7.3 SP10 FTF1 and 8.8 SP2 for Windows allows remote attackers to cause a denial of service and possibly execute arbitrary code via a sequence of "Get NCP Extension Information By Name"...
CVE-2008-5038
CVE-2008-5038 analyzes a Use-After-Free in the NetWare Core Protocol (NCP) of Novell eDirectory. Affected: eDirectory 8.7.3 SP10 before SP10 FTF1 and 8.8 SP2 for Windows. Root cause: memory corruption caused by a sequence of Get NCP Extension Information By Name requests that cause one thread to ...
CVE-2008-5038
Use-after-free vulnerability in the NetWare Core Protocol NCP feature in Novell eDirectory 8.7.3 SP10 before 8.7.3 SP10 FTF1 and 8.8 SP2 for Windows allows remote attackers to cause a denial of service and possibly execute arbitrary code via a sequence of "Get NCP Extension Information By Name"...
Yosemite Backup Service Driver Detection
The remote host is running Yosemite Backup, a commercial backup solution for Windows, Linux, and Novell NetWare and targetting small-to-medium sized businesses. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include"compat.inc"; if description scriptid34756...
PT-2008-6192 · Novell +1 · Netware Core Protocol +2
Name of the Vulnerable Software and Affected Versions: Novell eDirectory versions 8.7.3 SP10 through 8.7.3 SP10 before FTF1 Novell eDirectory version 8.8 SP2 for Windows Description: The issue is related to a use-after-free vulnerability in the NetWare Core Protocol NCP feature. This vulnerabilit...
CVE-2008-4480
Heap-based buffer overflow in dhost.exe in Novell eDirectory 8.x before 8.8.3, and 8.7.3 before 8.7.3.10 ftf1, allows remote attackers to execute arbitrary code via a crafted Netware Core Protocol opcode 0x24 message that triggers a calculation error that under-allocates a heap buffer...
CVE-2008-4478
Multiple integer overflows in dhost.exe in Novell eDirectory 8.8 before 8.8.3, and 8.73 before 8.7.3.10 ftf1, allow remote attackers to execute arbitrary code via a crafted 1 Content-Length header in a SOAP request or 2 Netware Core Protocol opcode 0x0F message, which triggers a heap-based buffer...
Integer overflow
Multiple integer overflows in dhost.exe in Novell eDirectory 8.8 before 8.8.3, and 8.73 before 8.7.3.10 ftf1, allow remote attackers to execute arbitrary code via a crafted 1 Content-Length header in a SOAP request or 2 Netware Core Protocol opcode 0x0F message, which triggers a heap-based buffer...
CVE-2008-4480
Heap-based buffer overflow in dhost.exe in Novell eDirectory 8.x before 8.8.3, and 8.7.3 before 8.7.3.10 ftf1, allows remote attackers to execute arbitrary code via a crafted Netware Core Protocol opcode 0x24 message that triggers a calculation error that under-allocates a heap buffer...
CVE-2008-4478
Multiple integer overflows in dhost.exe in Novell eDirectory 8.8 before 8.8.3, and 8.73 before 8.7.3.10 ftf1, allow remote attackers to execute arbitrary code via a crafted 1 Content-Length header in a SOAP request or 2 Netware Core Protocol opcode 0x0F message, which triggers a heap-based buffer...
Novell eDirectory多个缓冲区溢出漏洞
BUGTRAQ ID: 31553 CVE ID:CVE-2008-4478 CVE-2008-4479 CVE-2008-4480 CNCVE ID:CNCVE-20084478 CNCVE-20084479 CNCVE-20084480 Novell eDirectory是一款支持轻量目录访问协议LDAP并基于目录的身份管理系统。 Novell eDirectory存在多个缓冲区溢出如下: -WEB控制台运行在TCP...
Novell eDirectory Core Protocol Opcode 0x0F Heap Overflow Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell eDirectory Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within dhost.exe, the service responsible for directory replication which is bound b...
netbeware.txt
Novell Netware 6.5 Remote Manager HTML Injection Exploit Username: Password: Example -- Username: "var ex=new ActiveXObject"WScript.Shell";ex.run'cmd.exe /C ver';...
CA ARCserve Backup Discovery Service Denial of Service Vulnerability
Title: CA ARCserve Backup Discovery Service Denial of Service Vulnerability CA Advisory Date: 2008-06-17 Reported By: Luigi Auriemma Impact: A remote attacker can cause a denial of service. Summary: CA ARCserve Backup contains a vulnerability in the Discovery service casdscsvc that can allow a...
Novell Client <= 4.91 SP4 Local Stack overflow / B.S.O.D (unauthentificated user)
Application: Novell Client = 4.91 SP4 Web Site: http://www.novell.com/products/clients/ Platform: Windows Bug: Local Stack overflow / B.S.O.D unauthentificated user Impact: Critical ------------------------------------------------------- 1 Introduction 2 Bug 3 Proof of concept 4 Credits =========...
Novell Netware Client buffer overflow
Buffer overflow in password reminder on oversized username...
CVE-2008-1701
Novell NetWare 6.5 allows attackers to cause a denial of service ABEND via a crafted Macintosh iPrint client request...
Server side request forgery (ssrf)
Novell NetWare 6.5 allows attackers to cause a denial of service ABEND via a crafted Macintosh iPrint client request...
CVE-2008-1701
Novell NetWare 6.5 allows attackers to cause a denial of service ABEND via a crafted Macintosh iPrint client request...