Novell: >> Edirectory >> 8.8.5 Security Vulnerabilities
Unspecified vulnerability in the NCP service in Novell eDirectory 8.8.5 before 8.8.5.6 and 8.8.6 before 8.8.6.2 allows remote attackers to cause a denial of service (hang) via a malformed FileSetLock request to port 524.
CVSS Score
5.0
EPSS Score
0.017
Published
2011-02-10
The dhost web service in Novell eDirectory 8.8.5 uses a predictable session cookie, which makes it easier for remote attackers to hijack sessions via a modified cookie.
CVSS Score
7.5
EPSS Score
0.603
Published
2010-02-26
Integer overflow in Novell eDirectory 8.7.3.x before 8.7.3.10 ftf2 and 8.8.x before 8.8.5.2 allows remote attackers to execute arbitrary code via an NDS Verb 0x1 request containing a large integer value that triggers a heap-based buffer overflow.
CVSS Score
10.0
EPSS Score
0.262
Published
2009-12-03