Edirectory Security Vulnerabilities and Issues — Edirectory CVE List

Lucene search

NovellEdirectory

11 matches found

CVE•added 2006/10/24 7:7 p.m.•51 views

CVE-2006-4510

The evtFilteredMonitorEventsRequest function in the LDAP service in Novell eDirectory before 8.8.1 FTF1 allows remote attackers to execute arbitrary code via a crafted request containing a value that is larger than the number of objects transmitted, which triggers an invalid free of unallocated mem...

10CVSS7.5AI score0.43942EPSS

CVE•added 2006/10/24 8:7 p.m.•51 views

CVE-2006-5478

Multiple stack-based buffer overflows in Novell eDirectory 8.8.x before 8.8.1 FTF1, and 8.x up to 8.7.3.8, and Novell NetMail before 3.52e FTF2, allow remote attackers to execute arbitrary code via (1) a long HTTP Host header, which triggers an overflow in the BuildRedirectURL function; or vectors ...

7.5CVSS7.6AI score0.90338EPSS

CVE•added 2006/11/08 11:7 p.m.•45 views

CVE-2006-5813

Unspecified vulnerability in Novell eDirectory 8.8 allows attackers to cause a denial of service, as demonstrated by vd_novell3.pm, a "Novell eDirectory 8.8 DoS." NOTE: As of 20061108, this disclosure has no actionable information. However, since it is from a reliable researcher, it is being assign...

5CVSS7AI score0.00209EPSS

CVE•added 2006/05/20 3:2 a.m.•39 views

CVE-2006-2496

Buffer overflow in iMonitor 2.4 in Novell eDirectory 8.8 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unknown attack vectors.

10CVSS7.7AI score0.24917EPSS

CVE•added 2006/11/04 12:7 a.m.•37 views

CVE-2006-4521

The BerDecodeLoginDataRequest function in the libnmasldap.so NMAS module in Novell eDirectory 8.8 and 8.8.1 before the Security Services 2.0.3 patch does not properly increment a pointer when handling certain input, which allows remote attackers to cause a denial of service (invalid memory access) ...

5CVSS6.6AI score0.03275EPSS

CVE•added 2006/08/17 12:4 a.m.•36 views

CVE-2006-4186

The iManager in eMBoxClient.jar in Novell eDirectory 8.7.3.8 writes passwords in plaintext to a log file, which allows local users to obtain passwords by reading the file.

2.1CVSS6.5AI score0.00055EPSS

CVE•added 2006/11/08 11:7 p.m.•36 views

CVE-2006-5814

Unspecified vulnerability in Novell eDirectory allows remote attackers to execute arbitrary code, as demonstrated by vd_novell.pm, a "Novell eDirectory remote exploit." NOTE: As of 20061108, this disclosure has no actionable information. However, since it is from a reliable researcher, it is being ...

7.5CVSS7.7AI score0.02391EPSS

CVE•added 2006/08/17 12:4 a.m.•35 views

CVE-2006-4185

Unspecified vulnerability in the NCPENGINE in Novell eDirectory 8.7.3.8 allows local users to cause a denial of service (CPU consumption) via unspecified vectors, as originally demonstrated using a Nessus scan.

4.9CVSS6.6AI score0.00046EPSS

CVE•added 2006/10/24 8:7 p.m.•34 views

CVE-2006-4177

Heap-based buffer overflow in the NCP engine in Novell eDirectory before 8.8.1 FTF1 allows remote attackers to execute arbitrary code via a crafted NCP over IP packet that causes NCP to read more data than intended.

7.5CVSS7.9AI score0.09582EPSS

CVE•added 2006/10/24 7:7 p.m.•34 views

CVE-2006-4509

Integer overflow in the evtFilteredMonitorEventsRequest function in the LDAP service in Novell eDirectory before 8.8.1 FTF1 allows remote attackers to execute arbitrary code via a crafted request.

10CVSS7.8AI score0.39907EPSS

CVE•added 2006/10/24 8:7 p.m.•33 views

CVE-2006-5479

The NCP Engine in Novell eDirectory before 8.7.3.8 FTF1 allows remote attackers to cause an unspecified denial of service via a certain "NCP Fragment."

5CVSS7AI score0.0057EPSS