Edirectory@8.8.5 Security Vulnerabilities and Issues — Edirectory@8.8.5 CVE List

Lucene search

NovellEdirectory8.8.5

3 matches found

CVE•added 2009/12/03 5:30 p.m.•48 views

CVE-2009-0895

Integer overflow in Novell eDirectory 8.7.3.x before 8.7.3.10 ftf2 and 8.8.x before 8.8.5.2 allows remote attackers to execute arbitrary code via an NDS Verb 0x1 request containing a large integer value that triggers a heap-based buffer overflow.

10CVSS8AI score0.26227EPSS

CVE•added 2010/02/26 6:30 p.m.•43 views

CVE-2009-4655

The dhost web service in Novell eDirectory 8.8.5 uses a predictable session cookie, which makes it easier for remote attackers to hijack sessions via a modified cookie.

7.5CVSS6.8AI score0.6034EPSS

CVE•added 2011/02/10 6:0 p.m.•38 views

CVE-2010-4327

Unspecified vulnerability in the NCP service in Novell eDirectory 8.8.5 before 8.8.5.6 and 8.8.6 before 8.8.6.2 allows remote attackers to cause a denial of service (hang) via a malformed FileSetLock request to port 524.

5CVSS6.7AI score0.01739EPSS