EUVD-2009-3833

Malware in sbrugna...

SUSE CVE-2008-0924

Stack-based buffer overflow in the DoLBURPRequest function in libnldap in ndsd in Novell eDirectory 8.7.3.9 and earlier, and 8.8.1 and earlier in the 8.8.x series, allows remote attackers to cause a denial of service daemon crash or CPU consumption or execute arbitrary code via a long delRequest...

Design/Logic Flaw

A security vulnerability in cookie handling in the http stack implementation in NDSD in Novell eDirectory before 9.0.1 allows remote attackers to bypass intended access restrictions by leveraging predictable cookies...

Privilege escalation

NDSD in Novell eDirectory before 9.0.2 did not calculate ACLs on LDAP objects across partition boundaries correctly, which could lead to a privilege escalation by modifying user attributes that would otherwise be filtered by an ACL...

CVE-2016-5747

A security vulnerability in cookie handling in the http stack implementation in NDSD in Novell eDirectory before 9.0.1 allows remote attackers to bypass intended access restrictions by leveraging predictable cookies...

CVE-2016-9167

NDSD in Novell eDirectory before 9.0.2 did not calculate ACLs on LDAP objects across partition boundaries correctly, which could lead to a privilege escalation by modifying user attributes that would otherwise be filtered by an ACL...

CVE-2016-9167

NDSD in Novell eDirectory before 9.0.2 did not calculate ACLs on LDAP objects across partition boundaries correctly, which could lead to a privilege escalation by modifying user attributes that would otherwise be filtered by an ACL...

CVE-2016-9167

Affected product: Novell eDirectory NDSD prior to 9.0.2. The issue is that ACLs on LDAP objects across partition boundaries are not calculated correctly, enabling privilege escalation by modifying user attributes that would otherwise be filtered by an ACL. Root cause: incorrect ACL evaluation acr...

CVE-2016-5747

The CVE-2016-5747 entry concerns Novell eDirectory’s NDSD HTTP stack cookie handling, where predictable cookies enable remote bypass of access restrictions prior to version 9.0.1. Multiple sources (NVD, CNVD, OpenVAS) confirm the vulnerability in the cookie-based auth flow, affecting eDirectory b...

CVE-2016-5747

A security vulnerability in cookie handling in the http stack implementation in NDSD in Novell eDirectory before 9.0.1 allows remote attackers to bypass intended access restrictions by leveraging predictable cookies...

CVE-2016-9168

CVE-2016-9168 affects Novell eDirectory’s NDSD (NDS Utility Monitor) prior to version 9.0.2, where a missing X-Frame-Options header could enable clickjacking by remote attackers. The vulnerability is documented across multiple feeds (NVD entry and cross-references in CNVD/OpenVAS records) and is ...

ZDI-09-075: Novell eDirectory LDAP Null Base DN Denial of Service Vulnerability

ZDI-09-075: Novell eDirectory LDAP Null Base DN Denial of Service Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-075 November 2, 2009 -- Affected Vendors: Novell -- Affected Products: Novell eDirectory -- TippingPointTM IPS Customer Protection: TippingPoint IPS customers have be...

Novell eDirectory空Base DN拒绝服务漏洞

Bugraq ID: 36902 Novell eDirectory是一款跨平台的目录服务器。 Novell eDirectory服务器包含的LDAP实现存在缺陷，Novell eDirectory的NDSD进程保定389/TCP端口处理LDAP请求，当服务处理未定义BaseDN的搜索请求时，会停止响应而不能再进行查询或验证。 Novell eDirectory 8.8.2 ftf2 Novell eDirectory 8.8.2 Novell eDirectory 8.8.1 Novell eDirectory 8.7.3 SP10b Novell eDirectory 8.7.3...

CVE-2009-3862

The NDSD process in Novell eDirectory 8.7.3 before 8.7.3.10 ftf2 and eDirectory 8.8 before 8.8.5 ftf1 does not properly handle certain LDAP search requests, which allows remote attackers to cause a denial of service application hang via a search request with a NULL BaseDN value...

Design/Logic Flaw

The NDSD process in Novell eDirectory 8.7.3 before 8.7.3.10 ftf2 and eDirectory 8.8 before 8.8.5 ftf1 does not properly handle certain LDAP search requests, which allows remote attackers to cause a denial of service application hang via a search request with a NULL BaseDN value...

CVE-2009-3862

The NDSD process in Novell eDirectory 8.7.3 before 8.7.3.10 ftf2 and eDirectory 8.8 before 8.8.5 ftf1 does not properly handle certain LDAP search requests, which allows remote attackers to cause a denial of service application hang via a search request with a NULL BaseDN value...

Novell eDirectory Multiple Vulnerabilities - Jul09 (Linux)

This host is running Novell eDirectory and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodnovelledirmultvulnjul09lin.nasl 5122 2017-01-27 12:16:00Z teissa $ Novell eDirectory Multiple Vulnerabilities - Jul09 Linux Authors: Nikita MR Copyright: Copyright c 2009 SecPod,...

Novell eDirectory Multiple Vulnerabilities (Jul 2009) - Windows

Novell eDirectory is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:novell:edirectory";...

CVE-2009-2456

The DS\NDSD component in Novell eDirectory 8.8 before SP5 allows remote attackers to cause a denial of service ndsd core dump via an LDAP request containing multiple . dot wildcard characters in the Relative Distinguished Name RDN...

CVE-2009-2457

The DS\NDSD component in Novell eDirectory 8.8 before SP5 allows remote attackers to cause a denial of service crash via a malformed bind LDAP packet...