Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
edirectory vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2017-9277
The LDAP backend in Novell eDirectory prior to 9.0 SP4 when switched to EBA (Enhanced Background Authentication) kept open connections without EBA.
Novell Edirectory
Novell Edirectory 9.0
7.5
CVSSv2
CVE-2006-4177
Heap-based buffer overflow in the NCP engine in Novell eDirectory prior to 8.8.1 FTF1 allows remote malicious users to execute arbitrary code via a crafted NCP over IP packet that causes NCP to read more data than intended.
Novell Edirectory
Novell Edirectory 8.8
7.5
CVSSv2
CVE-2017-9285
NetIQ eDirectory prior to 9.0 SP4 did not enforce login restrictions when "ebaclient" was used, allowing unpermitted access to eDirectory services.
Netiq Edirectory 9.0
Microfocus Edirectory
6.5
CVSSv2
CVE-2017-7429
The certificate upload in NetIQ eDirectory PKI plugin prior to 8.8.8 Patch 10 Hotfix 1 could be abused to upload JSP code which could be used by authenticated malicious users to execute JSP applets on the iManager server.
Netiq Edirectory 8.8.8
Microfocus Edirectory
10
CVSSv2
CVE-2006-4509
Integer overflow in the evtFilteredMonitorEventsRequest function in the LDAP service in Novell eDirectory prior to 8.8.1 FTF1 allows remote malicious users to execute arbitrary code via a crafted request.
Novell Edirectory 8.8
Novell Edirectory 8.8.1
10
CVSSv2
CVE-2006-4510
The evtFilteredMonitorEventsRequest function in the LDAP service in Novell eDirectory prior to 8.8.1 FTF1 allows remote malicious users to execute arbitrary code via a crafted request containing a value that is larger than the number of objects transmitted, which triggers an inva...
Novell Edirectory 8.8.1
Novell Edirectory 8.8
10
CVSSv2
CVE-2012-0432
Stack-based buffer overflow in the Novell NCP implementation in NetIQ eDirectory 8.8.7.x prior to 8.8.7.2 allows remote malicious users to have an unspecified impact via unknown vectors.
Microfocus Edirectory 8.8.7.0
Microfocus Edirectory 8.8.7.1
2 EDB exploits
5
CVSSv2
CVE-2006-4521
The BerDecodeLoginDataRequest function in the libnmasldap.so NMAS module in Novell eDirectory 8.8 and 8.8.1 before the Security Services 2.0.3 patch does not properly increment a pointer when handling certain input, which allows remote malicious users to cause a denial of service...
Novell Edirectory 8.8
Novell Edirectory 8.8.1
7.5
CVSSv2
CVE-2002-2119
Novell eDirectory 8.6.2 and 8.7 use case insensitive passwords, which makes it easier for remote malicious users to conduct brute force password guessing.
Novell Edirectory 8.6.2
Novell Edirectory 8.7
10
CVSSv2
CVE-2008-3159
Integer overflow in ds.dlm, as used by dhost.exe, in Novell eDirectory 8.7.3.10 prior to 8.7.3 SP10b and 8.8 prior to 8.8.2 ftf2 allows remote malicious users to execute arbitrary code via unspecified vectors that trigger a stack-based buffer overflow, related to "flawed ari...
Novell Edirectory 8.8
Novell Edirectory 8.7.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »