CVE-2010-4327
Novell eDirectory Malformed NCP Request Denial of Service Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Unspecified vulnerability in the NCP service in Novell eDirectory 8.8.5 before 8.8.5.6 and 8.8.6 before 8.8.6.2 allows remote attackers to cause a denial of service (hang) via a malformed FileSetLock request to port 524.
Vulnerabilidad no especificada en el servicio NPC en Novell eDirectory v8.8.5 anterior a v8.8.5.6 y v8.8.6 anterior a v8.8.6.2, permite a atacantes remotos provocar una denegación de servicio (cuelgue) a través de una petición FileSetLock mal formada al puerto 524.
This vulnerability allows attackers to deny services on vulnerable installations of Novell eDirectory. Authentication is not required in order to trigger this vulnerability.
The flaw exists within Novell's eDirectory Server's NCP implementation. Novell's eDirectory Server binds to port 524 for processing NCP requests. When the application processes a malformed FileSetLock request, the service will become unresponsive resulting in an inability to authenticate to that server.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2010-11-29 CVE Reserved
- 2011-02-07 CVE Published
- 2023-08-11 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (8)
URL | Tag | Source |
---|---|---|
http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-novell | X_refsource_misc | |
http://securityreason.com/securityalert/8071 | Third Party Advisory | |
http://www.securityfocus.com/archive/1/516279/100/0/threaded | Mailing List | |
http://www.securityfocus.com/bid/46263 | Vdb Entry | |
http://www.zerodayinitiative.com/advisories/ZDI-11-060 | X_refsource_misc |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://secunia.com/advisories/43186 | 2018-10-10 | |
http://www.novell.com/support/viewContent.do?externalId=7007781&sliceId=2 | 2018-10-10 | |
http://www.vupen.com/english/advisories/2011/0305 | 2018-10-10 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Novell Search vendor "Novell" | Edirectory Search vendor "Novell" for product "Edirectory" | 8.8.5 Search vendor "Novell" for product "Edirectory" and version "8.8.5" | - |
Affected
| ||||||
Novell Search vendor "Novell" | Edirectory Search vendor "Novell" for product "Edirectory" | 8.8.6 Search vendor "Novell" for product "Edirectory" and version "8.8.6" | - |
Affected
|