Vulnerability Details CVE-2008-1809
Heap-based buffer overflow in Novell eDirectory 8.7.3 before 8.7.3.10b, and 8.8 before 8.8.2 FTF2, allows remote attackers to execute arbitrary code via an LDAP search request containing "NULL search parameters."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.229
EPSS Ranking 95.7%
CVSS Severity
CVSS v2 Score 10.0
References
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=724
- http://secunia.com/advisories/31036
- http://www.novell.com/support/viewContent.do?externalId=3843876
- http://www.securityfocus.com/bid/30175
- http://www.securitytracker.com/id?1020470
- http://www.vupen.com/english/advisories/2008/2062/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43716
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=724
- http://secunia.com/advisories/31036
- http://www.novell.com/support/viewContent.do?externalId=3843876
- http://www.securityfocus.com/bid/30175
- http://www.securitytracker.com/id?1020470
- http://www.vupen.com/english/advisories/2008/2062/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43716
Products affected by CVE-2008-1809
-
cpe:2.3:a:novell:edirectory:8.7.3
-
cpe:2.3:a:novell:edirectory:8.8