CVE-2008-4479 – Novell eDirectory dhost.exe Accept Language Header Heap Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2008-4479
Heap-based buffer overflow in dhost.exe in Novell eDirectory 8.8 before 8.8.3, and 8.7.3 before 8.7.3.10 ftf1, allows remote attackers to execute arbitrary code via a SOAP request with a long Accept-Language header. Desbordamiento de búfer basado en montículo en dhost.exe de Novell eDirectory 8.8 anterior a 8.8.3 y 8.7.3 antes de 8.7.3.10 ftf1, permite a atacantes remotos ejecutar código de su elección mediante una petición SOAP con una cabecera Accept-Language larga. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Novell eDirectory. Authentication is not required to exploit this vulnerability. The specific flaw resides in the web console running on TCP ports 8028 and 8030. The server exposes a web interface and accepts SOAP connections. • http://secunia.com/advisories/32111 http://securityreason.com/securityalert/4405 http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037180.html http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037181.html http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=7000086&sliceId=1&docTypeID=DT_TID_1_1&dialogID=78066829&stateId=0%200%2078062953 http://www.securityfocus.com/archive/1/497164/100/0/threaded http://www.securitytracker.com/id?10 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2008-4480 – Novell eDirectory Core Protocol Opcode 0x24 Heap Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2008-4480
Heap-based buffer overflow in dhost.exe in Novell eDirectory 8.x before 8.8.3, and 8.7.3 before 8.7.3.10 ftf1, allows remote attackers to execute arbitrary code via a crafted Netware Core Protocol opcode 0x24 message that triggers a calculation error that under-allocates a heap buffer. Desbordamiento de búfer basado en montículo en Novell eDirectory v8.x anteriores a v8.8.3, y v8.7.3 anteriores a v8.7.3.10 ftf1, permite a atacantes remotos ejecutar código arbitrario a través del mensaje manipulado del "opcode" 0x024 en el "Netware Core Protocol", que provoca un error de calculo que desborda el búfer de montículo. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell eDirectory Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within dhost.exe, the service responsible for directory replication which is bound by default to TCP port 524. Improper parsing within opcode 0x24 via the Netware Core Protocol can result in an arithmetic calculation based on supplied user-input resulting in an under-allocated heap buffer. • http://secunia.com/advisories/32111 http://securityreason.com/securityalert/4404 http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037180.html http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037181.html http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=7001183&sliceId=1&docTypeID=DT_TID_1_1&dialogID=78066829&stateId=0%200%2078062953 http://www.novell.com/support/viewContent.do?externalId=3426981 http://www.novell.com/support/viewConten • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2008-4478 – Novell eDirectory Core Protocol Opcode 0x0F Heap Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2008-4478
Multiple integer overflows in dhost.exe in Novell eDirectory 8.8 before 8.8.3, and 8.73 before 8.7.3.10 ftf1, allow remote attackers to execute arbitrary code via a crafted (1) Content-Length header in a SOAP request or (2) Netware Core Protocol opcode 0x0F message, which triggers a heap-based buffer overflow. Múltiples desbordamientos de entero en dhost.exe en Novell eDirectory v8.8 anterior a v8.8.3, y v8.73 anterior a v8.7.3.10 ftf1, permite a atacantes remotos ejecutar código de su elección a través de (1) una cabecera "Content-Length" manipulada en una petición SOAP o (2) mediante un mensaje Netware Core Protocol opcode 0x0F, que lanza un desbordamiento de búfer basado en montículo. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell eDirectory Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within dhost.exe, the service responsible for directory replication which is bound by default to TCP port 524. Improper parsing within opcode 0x0F via the Netware Core Protocol can result in an arithmetic calculation based on supplied user-input resulting in an integer overflow that will be used to copy into a heap buffer. • http://secunia.com/advisories/32111 http://securityreason.com/securityalert/4406 http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037180.html http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037181.html http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=7000087&sliceId=1&docTypeID=DT_TID_1_1&dialogID=78066829&stateId=0%200%2078062953 http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=7001184&sliceId=1&docTypeID • CWE-189: Numeric Errors •
CVE-2008-1809
https://notcve.org/view.php?id=CVE-2008-1809
Heap-based buffer overflow in Novell eDirectory 8.7.3 before 8.7.3.10b, and 8.8 before 8.8.2 FTF2, allows remote attackers to execute arbitrary code via an LDAP search request containing "NULL search parameters." Desbordamiento de búfer basado en montículo en Novell eDirectory 8.7.3 anterior a 8.7.3.10b, y 8.8 anterior a 8.8.2 FTF2, permite a atacantes remotos ejecutar código de su elección mediante una solicitud de búsqueda LDAP que contenga "parámetros de búsqueda nulos". • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=724 http://secunia.com/advisories/31036 http://www.novell.com/support/viewContent.do?externalId=3843876 http://www.securityfocus.com/bid/30175 http://www.securitytracker.com/id?1020470 http://www.vupen.com/english/advisories/2008/2062/references https://exchange.xforce.ibmcloud.com/vulnerabilities/43716 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2008-3159 – Novell eDirectory dhost Integer Overflow Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2008-3159
Integer overflow in ds.dlm, as used by dhost.exe, in Novell eDirectory 8.7.3.10 before 8.7.3 SP10b and 8.8 before 8.8.2 ftf2 allows remote attackers to execute arbitrary code via unspecified vectors that trigger a stack-based buffer overflow, related to "flawed arithmetic." Desbordamiento de entero en ds.dlm, como el utilizado en dhost.exe de Novell eDirectory 8.7.3.10 anterior a 8.7.3 SP10b y 8.8 anterior a 8.8.2 ftf2, permite a atacantes remotos ejecutar código de su elección mediante vectores no especificados que provocan un desbordamiento del búfer basado en pila. Relacionado con "aritmética defectuosa". This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell eDirectory. Authentication is not required to exploit this vulnerability. The specific flaw exists within dhost.exe, bound by default to TCP port 524. • http://secunia.com/advisories/30938 http://securitytracker.com/id?1020431 http://www.novell.com/support/search.do?cmd=displayKC&sliceId=SAL_Public&externalId=3694858 http://www.securityfocus.com/bid/30085 http://www.vupen.com/english/advisories/2008/1999 http://www.zerodayinitiative.com/advisories/ZDI-08-041 https://exchange.xforce.ibmcloud.com/vulnerabilities/43589 • CWE-189: Numeric Errors •