) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- CPE Product Version: cpe:/a:novell:edirectory:8.7.3:sp4:windows
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2009-3862 |
The NDSD process in Novell eDirectory 8.7.3 before 8.7.3.10 ftf2 and eDirectory 8.8 before 8.8.5 ftf1 does not properly handle certain LDAP search requests, which allows remote attackers to cause a denial of service (application hang) via a search request with a NULL BaseDN value. Published: November 04, 2009; 1:30:00 PM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
| CVE-2008-5094 |
Heap-based buffer overflow in the NDS Service in Novell eDirectory before 8.8 SP3 has unknown impact and attack vectors. Published: November 14, 2008; 2:20:54 PM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |
| CVE-2008-5093 |
Cross-site scripting (XSS) vulnerability in the HTTP Protocol Stack (HTTPSTK) in Novell eDirectory before 8.8 SP3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. Published: November 14, 2008; 2:20:54 PM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2008-5092 |
Heap-based buffer overflows in Novell eDirectory HTTP protocol stack (HTTPSTK) before 8.8 SP3 have unknown impact and attack vectors related to the (1) HTTP language header and (2) HTTP content-length header. Published: November 14, 2008; 2:20:54 PM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |
| CVE-2008-5091 |
Buffer overflow in the LDAP Service in Novell eDirectory 8.7.3 before SP10a and 8.8 before SP3 allows attackers to cause a denial of service (application crash) via vectors involving an "invalid extensibleMatch filter." Published: November 14, 2008; 2:20:54 PM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |