CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2018-17952
https://notcve.org/view.php?id=CVE-2018-17952
12 Dec 2018 — Cross site scripting vulnerability in eDirectory prior to 9.1 SP2 Vulnerabilidad Cross-Site Scripting (XSS) en eDirectory en versiones anteriores a la 9.1 SP2. • https://www.netiq.com/documentation/edirectory-91/edirectory912_releasenotes/data/edirectory912_releasenotes.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-7686 – Novell NetIQ Access Manager dhost Service Shared Memory Section Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2018-7686
09 Aug 2018 — Information leakage vulnerability in NetIQ eDirectory before 9.1.1 HF1 due to shared memory usage. Vulnerabilidad de fuga de información en NetIQ eDirectory en versiones anteriores a la 9.1.1 HF1 debido al uso de memoria compartida. This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Novell NetIQ Access Manager. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The speci... • https://www.netiq.com/documentation/edirectory-91/edirectory9111_releasenotes/data/edirectory9111_releasenotes.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2018-7692
https://notcve.org/view.php?id=CVE-2018-7692
09 Aug 2018 — Unvalidated redirect vulnerability in in NetIQ eDirectory before 9.1.1 HF1. Vulnerabilidad de redirección no validada en NetIQ eDirectory en versiones anteriores a la 9.1.1 HF1. • https://www.netiq.com/documentation/edirectory-91/edirectory9111_releasenotes/data/edirectory9111_releasenotes.html • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-12461 – Certificate Revocation Check failure
https://notcve.org/view.php?id=CVE-2018-12461
10 Jul 2018 — Fixed issues with NetIQ eDirectory prior to 9.1.1 when checking certificate revocation. Problemas solucionados con NetIQ eDirectory en versiones anteriores a la 9.1.1 al comprobar la revocación de certificados. • https://www.netiq.com/support/kb/doc.php?id=7016794 • CWE-295: Improper Certificate Validation •
CVSS: 10.0EPSS: 0%CPEs: 43EXPL: 0CVE-2008-5092
https://notcve.org/view.php?id=CVE-2008-5092
14 Nov 2008 — Heap-based buffer overflows in Novell eDirectory HTTP protocol stack (HTTPSTK) before 8.8 SP3 have unknown impact and attack vectors related to the (1) HTTP language header and (2) HTTP content-length header. Desbordamiento de búfer basado en montículo en la pila del protocolo HTTP en Novell eDirectory (HTTPSTK) versiones anteriores a v8.8 SP3 tiene un impacto y vectores de ataque desconocidos relaciona a (1) cabeceras del lenguaje HTTP y (2) cabeceras "content-length" HTTP. • http://www.novell.com/support/viewContent.do?externalId=3426981 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2002-1552
https://notcve.org/view.php?id=CVE-2002-1552
31 Mar 2003 — Novell eDirectory (eDir) 8.6.2 and Netware 5.1 eDir 85.x allows users with expired passwords to gain inappropriate permissions when logging in from Remote Manager. • http://marc.info/?l=bugtraq&m=103712498905027&w=2 •