Stack-based Buffer Overflow in Novell eDirectory for Windows
CVE-2009-4654

Currently unrated

Key Information:

Vendor

Novell
Status
Edirectory
Vendor
CVE Published:
26 February 2010

What is CVE-2009-4654?

A stack-based buffer overflow issue exists in the dhost module of Novell eDirectory 8.8 SP5 for Windows. This vulnerability enables authenticated remote users to execute arbitrary code by exploiting overly long 'sadminpwd' and 'verifypwd' parameters during a submit action to the '/dhost/httpstk' endpoint. Properly handling these parameters is crucial to mitigate the risks associated with potential exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/37042
vdb-entryx_refsource_BID
http://tcc.hellcode.net/advisories/hellcode-adv005.txt
x_refsource_MISC
http://downloads.securityfocus.com/vulnerabilities/exploi...
x_refsource_MISC

EPSS Score

15% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.