Vulnerabilities > CVE-2009-0895 - Numeric Errors vulnerability in Novell Edirectory

047910
CVSS 10.0 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
low complexity
novell
CWE-189
critical
nessus
NVD
Published: 2009-12-03
Updated: 2017-08-17

Summary

Integer overflow in Novell eDirectory 8.7.3.x before 8.7.3.10 ftf2 and 8.8.x before 8.8.5.2 allows remote attackers to execute arbitrary code via an NDS Verb 0x1 request containing a large integer value that triggers a heap-based buffer overflow.

Vulnerable Configurations

Part Description Count
Application
Novell
22

Common Weakness Enumeration (CWE)

Nessus

NASL familyMisc.
NASL idEDIRECTORY_NDS_VERB_OVERFLOW.NASL
descriptionThe remote host is running eDirectory, a directory service software from Novell. The installed version of eDirectory is affected by a remote buffer overflow vulnerability. By sending a specially crafted
last seen2020-06-01
modified2020-06-02
plugin id43030
published2009-12-07
reporterThis script is Copyright (C) 2009-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/43030
titleNovell eDirectory < 8.8.5.2 / 8.7.3.10 ftf2 'NDS Verb' Request Buffer Overflow

Seebug

bulletinFamilyexploit
descriptionBUGTRAQ ID: 37184 CVE(CAN) ID: CVE-2009-0895 Novell eDirectory是一个的跨平台的目录服务器。 eDirectory允许未经认证的用户查询有关特定对象的信息。如果用户发送的服务请求(NDS Verb 0x1)中包含有在内存分配中所使用的整数的话,超大的整数就可以触发整数溢出,之后的分配返回不充分的缓冲区,最终导致堆溢出。 Novell eDirectory 8.8.X Novell eDirectory 8.7.3.X 厂商补丁: Novell ------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://download.novell.com/
idSSV:15027
last seen2017-11-19
modified2009-12-04
published2009-12-04
reporterRoot
titleNovell eDirectory NDS Verb 0x1请求堆溢出漏洞

References