Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:15027
HistoryDec 04, 2009 - 12:00 a.m.

Novell eDirectory NDS Verb 0x1请求堆溢出漏洞

2009-12-0400:00:00
Root
www.seebug.org
18

0.592 Medium

EPSS

Percentile

97.8%

JSON

BUGTRAQ ID: 37184
CVE(CAN) ID: CVE-2009-0895

Novell eDirectory是一个的跨平台的目录服务器。

eDirectory允许未经认证的用户查询有关特定对象的信息。如果用户发送的服务请求(NDS Verb 0x1)中包含有在内存分配中所使用的整数的话,超大的整数就可以触发整数溢出,之后的分配返回不充分的缓冲区,最终导致堆溢出。

Novell eDirectory 8.8.X
Novell eDirectory 8.7.3.X
厂商补丁:

Novell

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

http://download.novell.com/

Related

cvelist 1
cve 1
nessus 1
checkpoint_advisories 1
prion 1
nvd 1
cvelist
cvelist
CVE-2009-0895
2009-12-03 17:00:00
cve
cve
CVE-2009-0895
2009-12-03 17:30:00
nessus
nessus
Novell eDirectory < 8.8.5.2 / 8.7.3.10 ftf2 'NDS Verb' Request Buffer Overflow
2009-12-07 00:00:00
checkpoint_advisories
checkpoint_advisories
Novell eDirectory NDS Verb Integer Overflow (CVE-2009-0895)
2010-01-24 00:00:00
prion
prion
Integer overflow
2009-12-03 17:30:00
nvd
nvd
CVE-2009-0895
2009-12-03 17:30:00

0.592 Medium

EPSS

Percentile

97.8%

JSON
Related for SSV:15027
cvelist1cve1nessus1checkpoint_advisories1prion1nvd1