Integer Overflow Vulnerability in Novell eDirectory Product
CVE-2008-4478

Currently unrated

Key Information:

Vendor

Novell
Status
Edirectory
Vendor
CVE Published:
14 October 2008

What is CVE-2008-4478?

Multiple integer overflows in the dhost.exe component of Novell eDirectory versions prior to 8.8.3 and 8.7.3.10 allow remote attackers to execute arbitrary code. This vulnerability is exploited through specially crafted Content-Length headers in SOAP requests or by using specific Netware Core Protocol opcode messages, resulting in heap-based buffer overflow conditions that can compromise system integrity.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.zerodayinitiative.com/advisories/ZDI-08-065
x_refsource_MISC
http://securityreason.com/securityalert/4406
third-party-advisoryx_refsource_SREASON
https://exchange.xforce.ibmcloud.com/vulnerabilities/45628
vdb-entryx_refsource_XF

EPSS Score

60% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.