Edirectory Security Vulnerabilities and Issues — Edirectory CVE List

Lucene search

NovellEdirectory

4 matches found

CVE•added 2010/02/26 6:30 p.m.•51 views

CVE-2009-4653

Stack-based buffer overflow in the dhost module in Novell eDirectory 8.8 SP5 for Windows allows remote authenticated users to cause a denial of service (dhost.exe crash) and possibly execute arbitrary code via a long string to /dhost/modules?I:.

9CVSS8AI score0.06039EPSS

CVE•added 2010/02/19 5:30 p.m.•46 views

CVE-2010-0666

Unspecified vulnerability in eMBox in Novell eDirectory 8.8 SP5 Patch 2 and earlier allows remote attackers to cause a denial of service (crash) via unknown a crafted SOAP request, a different issue than CVE-2008-0926.

5CVSS6.5AI score0.65873EPSS

CVE•added 2010/02/26 6:30 p.m.•43 views

CVE-2009-4655

The dhost web service in Novell eDirectory 8.8.5 uses a predictable session cookie, which makes it easier for remote attackers to hijack sessions via a modified cookie.

7.5CVSS6.8AI score0.6034EPSS

CVE•added 2010/02/26 6:30 p.m.•42 views

CVE-2009-4654

Stack-based buffer overflow in the dhost module in Novell eDirectory 8.8 SP5 for Windows allows remote authenticated users to execute arbitrary code via long sadminpwd and verifypwd parameters in a submit action to /dhost/httpstk.

9CVSS8AI score0.19683EPSS