CVE-2008-4480

Currently unrated

Key Information:

Vendor: Novell
Status: Edirectory
Vendor: CVE Published:; 14 October 2008

Summary

Heap-based buffer overflow in dhost.exe in Novell eDirectory 8.x before 8.8.3, and 8.7.3 before 8.7.3.10 ftf1, allows remote attackers to execute arbitrary code via a crafted Netware Core Protocol opcode 0x24 message that triggers a calculation error that under-allocates a heap buffer.

References

http://www.novell.com/support/viewContent.do?externalId=3...

x_refsource_CONFIRM

http://www.vupen.com/english/advisories/2008/2738

vdb-entryx_refsource_VUPEN

http://support.novell.com/docs/Readmes/InfoDocument/patch...

x_refsource_CONFIRM

EPSS Score

80% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Oct 14, 2008
Vulnerability Reserved
Oct 7, 2008

Collectors

NVD DatabaseMitre Database