Vulnerability Details CVE-2008-1809
Heap-based buffer overflow in Novell eDirectory 8.7.3 before 8.7.3.10b, and 8.8 before 8.8.2 FTF2, allows remote attackers to execute arbitrary code via an LDAP search request containing "NULL search parameters."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.057
EPSS Ranking 92.0%
CVSS Severity
CVSS v2 Score 10.0
References
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=724
- http://secunia.com/advisories/31036
- http://www.novell.com/support/viewContent.do?externalId=3843876
- http://www.securityfocus.com/bid/30175
- http://www.securitytracker.com/id?1020470
- http://www.vupen.com/english/advisories/2008/2062/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43716
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=724
- http://secunia.com/advisories/31036
- http://www.novell.com/support/viewContent.do?externalId=3843876
- http://www.securityfocus.com/bid/30175
- http://www.securitytracker.com/id?1020470
- http://www.vupen.com/english/advisories/2008/2062/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43716
Products affected by CVE-2008-1809
-
cpe:2.3:a:novell:edirectory:8.7.3
-
cpe:2.3:a:novell:edirectory:8.8