Vulnerabilities > CVE-2006-4520 - Denial Of Service vulnerability in Novell EDirectory NCP Fragment Length
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE Summary
ncp in Novell eDirectory before 8.7.3 SP9, and 8.8.x before 8.8.1 FTF2, does not properly handle NCP fragments with a negative length, which allows remote attackers to cause a denial of service (daemon crash) when the heap is written to a log file.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 22 |
References
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=518
- http://www.novell.com/support/search.do?cmd=displayKC&docType=kc&externalId=3924657&sliceId=SAL_Public
- http://www.securityfocus.com/bid/23685
- http://www.securitytracker.com/id?1017972
- http://www.vupen.com/english/advisories/2007/1550
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33921