Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Edirectory
(Novell)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 51 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2014-12-19 | CVE-2014-5212 | Cross-site scripting (XSS) vulnerability in nds/search/data in iMonitor in Novell eDirectory before 8.8 SP8 Patch 4 allows remote attackers to inject arbitrary web script or HTML via the rdn parameter. | Edirectory | N/A | ||
| 2011-02-10 | CVE-2010-4327 | Unspecified vulnerability in the NCP service in Novell eDirectory 8.8.5 before 8.8.5.6 and 8.8.6 before 8.8.6.2 allows remote attackers to cause a denial of service (hang) via a malformed FileSetLock request to port 524. | Edirectory | N/A | ||
| 2010-02-19 | CVE-2010-0666 | Unspecified vulnerability in eMBox in Novell eDirectory 8.8 SP5 Patch 2 and earlier allows remote attackers to cause a denial of service (crash) via unknown a crafted SOAP request, a different issue than CVE-2008-0926. | Edirectory | N/A | ||
| 2010-02-26 | CVE-2009-4655 | The dhost web service in Novell eDirectory 8.8.5 uses a predictable session cookie, which makes it easier for remote attackers to hijack sessions via a modified cookie. | Edirectory | N/A | ||
| 2010-02-26 | CVE-2009-4654 | Stack-based buffer overflow in the dhost module in Novell eDirectory 8.8 SP5 for Windows allows remote authenticated users to execute arbitrary code via long sadminpwd and verifypwd parameters in a submit action to /dhost/httpstk. | Edirectory | N/A | ||
| 2010-02-26 | CVE-2009-4653 | Stack-based buffer overflow in the dhost module in Novell eDirectory 8.8 SP5 for Windows allows remote authenticated users to cause a denial of service (dhost.exe crash) and possibly execute arbitrary code via a long string to /dhost/modules?I:. | Edirectory | N/A | ||
| 2009-11-04 | CVE-2009-3862 | The NDSD process in Novell eDirectory 8.7.3 before 8.7.3.10 ftf2 and eDirectory 8.8 before 8.8.5 ftf1 does not properly handle certain LDAP search requests, which allows remote attackers to cause a denial of service (application hang) via a search request with a NULL BaseDN value. | Edirectory | N/A | ||
| 2009-07-14 | CVE-2009-2457 | The DS\NDSD component in Novell eDirectory 8.8 before SP5 allows remote attackers to cause a denial of service (crash) via a malformed bind LDAP packet. | Edirectory | N/A | ||
| 2009-07-14 | CVE-2009-2456 | The DS\NDSD component in Novell eDirectory 8.8 before SP5 allows remote attackers to cause a denial of service (ndsd core dump) via an LDAP request containing multiple . (dot) wildcard characters in the Relative Distinguished Name (RDN). | Edirectory | N/A | ||
| 2009-12-03 | CVE-2009-0895 | Integer overflow in Novell eDirectory 8.7.3.x before 8.7.3.10 ftf2 and 8.8.x before 8.8.5.2 allows remote attackers to execute arbitrary code via an NDS Verb 0x1 request containing a large integer value that triggers a heap-based buffer overflow. | Edirectory | N/A |