TROYANOSYVIRUS
Volver a CVEs

CVE-2008-5038

CRITICAL
9.8

Descripcion

Use-after-free vulnerability in the NetWare Core Protocol (NCP) feature in Novell eDirectory 8.7.3 SP10 before 8.7.3 SP10 FTF1 and 8.8 SP2 for Windows allows remote attackers to cause a denial of service and possibly execute arbitrary code via a sequence of "Get NCP Extension Information By Name" requests that cause one thread to operate on memory after it has been freed in another thread, which triggers memory corruption, aka Novell Bug 373852.

Detalles CVE

Puntuacion CVSS v3.19.8
SeveridadCRITICAL
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioNONE
Publicado11/12/2008
Ultima modificacion4/9/2025
Fuentenvd
Avistamientos honeypot0

Productos afectados

novell:edirectory

Debilidades (CWE)

CWE-416

Referencias

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=748(cve@mitre.org)
http://osvdb.org/48206(cve@mitre.org)
http://secunia.com/advisories/32395(cve@mitre.org)
http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037180.html(cve@mitre.org)
http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037181.html(cve@mitre.org)
http://www.novell.com/support/viewContent.do?externalId=3426981(cve@mitre.org)
http://www.securityfocus.com/bid/31956(cve@mitre.org)
http://www.securitytracker.com/id?1021117(cve@mitre.org)
http://www.vupen.com/english/advisories/2008/2937(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/46138(cve@mitre.org)
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=748(af854a3a-2127-422b-91ae-364da2661108)
http://osvdb.org/48206(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/32395(af854a3a-2127-422b-91ae-364da2661108)
http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037180.html(af854a3a-2127-422b-91ae-364da2661108)
http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037181.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.novell.com/support/viewContent.do?externalId=3426981(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/31956(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id?1021117(af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2008/2937(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/46138(af854a3a-2127-422b-91ae-364da2661108)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.