CVSS: 9.8EPSS: 3%CPEs: 2EXPL: 0CVE-2008-0924 – Novell eDirectory for Linux LDAP delRequest Stack Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2008-0924
26 Mar 2008 — Stack-based buffer overflow in the DoLBURPRequest function in libnldap in ndsd in Novell eDirectory 8.7.3.9 and earlier, and 8.8.1 and earlier in the 8.8.x series, allows remote attackers to cause a denial of service (daemon crash or CPU consumption) or execute arbitrary code via a long delRequest LDAP Extended Request message, probably involving a long Distinguished Name (DN) field. El desbordamiento del búfer en la región stack de la memoria en la función DoLBURPRequest en libnldap en ndsd en Novell eDire... • http://secunia.com/advisories/29476 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 8%CPEs: 3EXPL: 0CVE-2006-4520
https://notcve.org/view.php?id=CVE-2006-4520
30 Apr 2007 — ncp in Novell eDirectory before 8.7.3 SP9, and 8.8.x before 8.8.1 FTF2, does not properly handle NCP fragments with a negative length, which allows remote attackers to cause a denial of service (daemon crash) when the heap is written to a log file. ncp en Novell eDirectory anterior a 8.7.3 SP9, y 8.8.x anterior a 8.8.1 FTF2, no maneja adecuadamente fragmentos NCP con una longitud negativa, lo cual permite a atacantes remotos provocar una denegación de servicio (caída del demonio) cuando el montón se escribe... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=518 •
CVSS: 9.8EPSS: 88%CPEs: 10EXPL: 4CVE-2006-5478 – Novell Netmail User Authentication Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2006-5478
24 Oct 2006 — Multiple stack-based buffer overflows in Novell eDirectory 8.8.x before 8.8.1 FTF1, and 8.x up to 8.7.3.8, and Novell NetMail before 3.52e FTF2, allow remote attackers to execute arbitrary code via (1) a long HTTP Host header, which triggers an overflow in the BuildRedirectURL function; or vectors related to a username containing a . (dot) character in the (2) SMTP, (3) POP, (4) IMAP, (5) HTTP, or (6) Networked Messaging Application Protocol (NMAP) Netmail services. Múltiples desbordamientos de búfer basado... • https://www.exploit-db.com/exploits/28835 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2006-5479
https://notcve.org/view.php?id=CVE-2006-5479
24 Oct 2006 — The NCP Engine in Novell eDirectory before 8.7.3.8 FTF1 allows remote attackers to cause an unspecified denial of service via a certain "NCP Fragment." El motor NCP en Novell eDirectory anterior a 8.7.3.8 FTF1 permite a atacantes remotos provocar una denegación de servicio no especificada mediante un cierto "Fragmento NCP". • http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974600.htm •
CVSS: 9.8EPSS: 9%CPEs: 2EXPL: 0CVE-2006-4177
https://notcve.org/view.php?id=CVE-2006-4177
24 Oct 2006 — Heap-based buffer overflow in the NCP engine in Novell eDirectory before 8.8.1 FTF1 allows remote attackers to execute arbitrary code via a crafted NCP over IP packet that causes NCP to read more data than intended. Desbordamiento de búfer basado en montículo en el motor NCP en Novell eDirectory anterior a 8.8.1 FTF1 permite a atacantes remotos ejecutar código de su elección mediante un paquete artesanal NCP sobre IP que provoca que NCP lea más información de la deseada. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=426 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2006-4185
https://notcve.org/view.php?id=CVE-2006-4185
17 Aug 2006 — Unspecified vulnerability in the NCPENGINE in Novell eDirectory 8.7.3.8 allows local users to cause a denial of service (CPU consumption) via unspecified vectors, as originally demonstrated using a Nessus scan. Vulnerabilidad no especificada en el NCPENGINE de Novell eDirectory 8.7.3.8 permite a usuarios locales provocar una denegación de servicio (agotamiento de CPU) a través de vectores no especificados, como se ha demostrado originalmente utilizando un escaneo Nessus. • http://secunia.com/advisories/21496 •
CVSS: 7.5EPSS: 72%CPEs: 1EXPL: 2CVE-2005-2551 – eDirectory 8.7.3 - iMonitor Remote Stack Buffer Overflow
https://notcve.org/view.php?id=CVE-2005-2551
12 Aug 2005 — Buffer overflow in dhost.exe in iMonitor for Novell eDirectory 8.7.3 on Windows allows attackers to cause a denial of service (crash) and obtain access to files via unknown vectors. • https://www.exploit-db.com/exploits/16769 •
CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 0CVE-2005-1729
https://notcve.org/view.php?id=CVE-2005-1729
12 Jun 2005 — Novell eDirectory 8.7.3 allows remote attackers to cause a denial of service (application crash) via a URL containing an MS-DOS device name such as AUX, CON, PRN, COM1, or LPT1. • http://lists.grok.org.uk/pipermail/full-disclosure/2005-June/034536.html •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2002-1552
https://notcve.org/view.php?id=CVE-2002-1552
31 Mar 2003 — Novell eDirectory (eDir) 8.6.2 and Netware 5.1 eDir 85.x allows users with expired passwords to gain inappropriate permissions when logging in from Remote Manager. • http://marc.info/?l=bugtraq&m=103712498905027&w=2 •