 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| CVE ID: | CVE-2008-5038 |
| Description: | Use-after-free vulnerability in the NetWare Core Protocol (NCP) feature in Novell eDirectory 8.7.3 SP10 before 8.7.3 SP10 FTF1 and 8.8 SP2 for Windows allows remote attackers to cause a denial of service and possibly execute arbitrary code via a sequence of "Get NCP Extension Information By Name" requests that cause one thread to operate on memory after it has been freed in another thread, which triggers memory corruption, aka Novell Bug 373852. |
| Test IDs: | 1.3.6.1.4.1.25623.1.0.800137 1.3.6.1.4.1.25623.1.0.800138 |
| Cross References: |
Common Vulnerability Exposure (CVE) ID: CVE-2008-5038 BugTraq ID: 31956 http://www.securityfocus.com/bid/31956 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=748 http://osvdb.org/48206 http://www.securitytracker.com/id?1021117 http://secunia.com/advisories/32395 http://www.vupen.com/english/advisories/2008/2937 XForce ISS Database: novell-edirectory-ncp-unspecified(46138) https://exchange.xforce.ibmcloud.com/vulnerabilities/46138 |