 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.900210 |
| Kategorie: | Buffer overflow |
| Titel: | Novell eDirectory Multiple Vulnerabilities - Linux |
| Zusammenfassung: | Novell eDirectory is prone to cross-site scripting (XSS), denial; of service (DoS) and remote code execution (RCE) vulnerabilities. |
| Beschreibung: | Summary: Novell eDirectory is prone to cross-site scripting (XSS), denial of service (DoS) and remote code execution (RCE) vulnerabilities. Vulnerability Insight: Multiple flaws exist due to: - errors in HTTP Protocol Stack that can be exploited to cause heap based buffer overflow via a specially crafted language/content-length headers. - input passed via unspecified parameters to the HTTP Protocol Stack is not properly sanitzed before being returned to the user. - Multiple unknown errors exist in LDAP and NDS services. Vulnerability Impact: Successful Remote exploitation will allow execution of arbitrary code, heap-based buffer overflow, Cross Site Scripting attacks, or cause memory corruption. Affected Software/OS: Novell eDirectory 8.8 SP2 and prior versions on Linux (All). Solution: Apply 8.8 Service Pack 3. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2008-5091 BugTraq ID: 30947 http://www.securityfocus.com/bid/30947 https://bugzilla.novell.com/show_bug.cgi?id=373853 http://www.securitytracker.com/id?1020788 http://www.vupen.com/english/advisories/2008/2462 XForce ISS Database: novell-edirectory-extensiblematch-dos(43590) https://exchange.xforce.ibmcloud.com/vulnerabilities/43590 Common Vulnerability Exposure (CVE) ID: CVE-2008-5092 http://www.securitytracker.com/id?1020786 Common Vulnerability Exposure (CVE) ID: CVE-2008-5093 http://www.securitytracker.com/id?1020785 XForce ISS Database: novell-edirectory-httpstk-xss(46667) https://exchange.xforce.ibmcloud.com/vulnerabilities/46667 Common Vulnerability Exposure (CVE) ID: CVE-2008-5094 http://www.securitytracker.com/id?1020787 Common Vulnerability Exposure (CVE) ID: CVE-2008-5095 http://www.securitytracker.com/id?1020792 http://www.securitytracker.com/id?1020793 |
| Copyright | Copyright (C) 2008 Greenbone AG |
| Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |