Summary
This host is running Novell eDirectory and is prone to Multiple Vulnerabilities.
Impact
Successful exploitation allows remote code execution on the target machines or can allow disclosure of potentially sensitive information or can cause denial of service.
Impact Level: Application
Solution
Update to 8.8 Service Pack 3.
http://support.novell.com/patches.html
Insight
The flaws are due to
- boundary error in LDAP and NDS services.
- boundary error in HTTP language header and HTTP content-length header.
- HTTP protocol stack(HTTPSTK) that does not properly filter HTML code from user-supplied input.
Affected
Novell eDirectory 8.8 SP2 and prior on Windows.
References
- http://securitytracker.com/alerts/2008/Aug/1020785.html
- http://securitytracker.com/alerts/2008/Aug/1020786.html
- http://securitytracker.com/alerts/2008/Aug/1020787.html
- http://securitytracker.com/alerts/2008/Aug/1020788.html
- http://www.novell.com/documentation/edir873/sp10_readme/netware/readme.txt
- http://www.novell.com/support/viewContent.do?externalId=3426981
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2008-5091, CVE-2008-5092, CVE-2008-5093, CVE-2008-5094 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities