CVE-2009-3862

Novell eDirectory LDAP Null Base DN Denial of Service Vulnerability

Severity Score

5.0

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The NDSD process in Novell eDirectory 8.7.3 before 8.7.3.10 ftf2 and eDirectory 8.8 before 8.8.5 ftf1 does not properly handle certain LDAP search requests, which allows remote attackers to cause a denial of service (application hang) via a search request with a NULL BaseDN value.

El proceso NDSD en Novell eDirectory v8.7.3 anterior a v8.7.3.10 ftf2 y eDirectory v8.8 anterior a v8.8.5 ftf1 no maneja adecuadamente ciertas peticiones de búsqueda de LDAP, lo que permite a atacantes remoto provocar una denegación de servicio (cuelgue de aplicación) a través de una petición de búsqueda con valor BaseDN NULL.

This vulnerability allows attackers to deny services on vulnerable installations of Novell eDirectory. Authentication is not required in order to exploit this vulnerability.
The specific flaw exists within Novell's eDirectory Server's LDAP implementation. Novell eDirectory's NDSD process binds to port 389/TCP for handling LDAP requests. When the service processes a search request with an undefined BaseDN, it will become unresponsive resulting in an inability to query or authenticate to that server.

*Credits: Anonymous

CVSS Scores

NISTv2 5.0

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2009-11-02 CVE Published
2009-11-04 CVE Reserved
2023-04-02 EPSS Updated
2024-08-07 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-287: Improper Authentication

CAPEC

References (4)

URL	Tag	Source
http://www.securityfocus.com/bid/36902	Vdb Entry

URL	Date	SRC

URL	Date	SRC
http://www.novell.com/support/viewContent.do?externalId=7004721	2009-11-05
http://www.vupen.com/english/advisories/2009/3120	2009-11-05
http://www.zerodayinitiative.com/advisories/ZDI-09-075	2009-11-05

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Novell Search vendor "Novell"		Edirectory Search vendor "Novell" for product "Edirectory"				8.7.3 Search vendor "Novell" for product "Edirectory" and version "8.7.3"		-		Affected
Novell Search vendor "Novell"		Edirectory Search vendor "Novell" for product "Edirectory"				8.7.3 Search vendor "Novell" for product "Edirectory" and version "8.7.3"		sp2, windows		Affected
Novell Search vendor "Novell"		Edirectory Search vendor "Novell" for product "Edirectory"				8.7.3 Search vendor "Novell" for product "Edirectory" and version "8.7.3"		sp3, windows		Affected
Novell Search vendor "Novell"		Edirectory Search vendor "Novell" for product "Edirectory"				8.7.3 Search vendor "Novell" for product "Edirectory" and version "8.7.3"		sp4, windows		Affected
Novell Search vendor "Novell"		Edirectory Search vendor "Novell" for product "Edirectory"				8.7.3 Search vendor "Novell" for product "Edirectory" and version "8.7.3"		sp5, windows		Affected
Novell Search vendor "Novell"		Edirectory Search vendor "Novell" for product "Edirectory"				8.7.3 Search vendor "Novell" for product "Edirectory" and version "8.7.3"		sp6, windows		Affected
Novell Search vendor "Novell"		Edirectory Search vendor "Novell" for product "Edirectory"				8.7.3 Search vendor "Novell" for product "Edirectory" and version "8.7.3"		sp7, windows		Affected
Novell Search vendor "Novell"		Edirectory Search vendor "Novell" for product "Edirectory"				8.7.3 Search vendor "Novell" for product "Edirectory" and version "8.7.3"		sp8, windows		Affected
Novell Search vendor "Novell"		Edirectory Search vendor "Novell" for product "Edirectory"				8.7.3 Search vendor "Novell" for product "Edirectory" and version "8.7.3"		sp9, windows		Affected
Novell Search vendor "Novell"		Edirectory Search vendor "Novell" for product "Edirectory"				8.7.3.8 Search vendor "Novell" for product "Edirectory" and version "8.7.3.8"		-		Affected
Novell Search vendor "Novell"		Edirectory Search vendor "Novell" for product "Edirectory"				8.7.3.9 Search vendor "Novell" for product "Edirectory" and version "8.7.3.9"		-		Affected
Novell Search vendor "Novell"		Edirectory Search vendor "Novell" for product "Edirectory"				8.8 Search vendor "Novell" for product "Edirectory" and version "8.8"		-		Affected
Novell Search vendor "Novell"		Edirectory Search vendor "Novell" for product "Edirectory"				8.8 Search vendor "Novell" for product "Edirectory" and version "8.8"		sp1		Affected
Novell Search vendor "Novell"		Edirectory Search vendor "Novell" for product "Edirectory"				8.8 Search vendor "Novell" for product "Edirectory" and version "8.8"		sp2		Affected
Novell Search vendor "Novell"		Edirectory Search vendor "Novell" for product "Edirectory"				8.8 Search vendor "Novell" for product "Edirectory" and version "8.8"		sp3		Affected
Novell Search vendor "Novell"		Edirectory Search vendor "Novell" for product "Edirectory"				8.8 Search vendor "Novell" for product "Edirectory" and version "8.8"		sp4		Affected
Novell Search vendor "Novell"		Edirectory Search vendor "Novell" for product "Edirectory"				8.8.1 Search vendor "Novell" for product "Edirectory" and version "8.8.1"		-		Affected
Novell Search vendor "Novell"		Edirectory Search vendor "Novell" for product "Edirectory"				8.8.2 Search vendor "Novell" for product "Edirectory" and version "8.8.2"		-		Affected