TROYANOSYVIRUS
Zuruck zu CVEs

CVE-2008-5038

CRITICAL
9.8

Beschreibung

Use-after-free vulnerability in the NetWare Core Protocol (NCP) feature in Novell eDirectory 8.7.3 SP10 before 8.7.3 SP10 FTF1 and 8.8 SP2 for Windows allows remote attackers to cause a denial of service and possibly execute arbitrary code via a sequence of "Get NCP Extension Information By Name" requests that cause one thread to operate on memory after it has been freed in another thread, which triggers memory corruption, aka Novell Bug 373852.

CVE Details

CVSS v3.1 Bewertung9.8
SchweregradCRITICAL
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienNONE
BenutzerinteraktionNONE
Veroffentlicht11/12/2008
Zuletzt geandert4/9/2025
Quellenvd
Honeypot-Sichtungen0

Betroffene Produkte

novell:edirectory

Schwachen (CWE)

CWE-416

Referenzen

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=748(cve@mitre.org)
http://osvdb.org/48206(cve@mitre.org)
http://secunia.com/advisories/32395(cve@mitre.org)
http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037180.html(cve@mitre.org)
http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037181.html(cve@mitre.org)
http://www.novell.com/support/viewContent.do?externalId=3426981(cve@mitre.org)
http://www.securityfocus.com/bid/31956(cve@mitre.org)
http://www.securitytracker.com/id?1021117(cve@mitre.org)
http://www.vupen.com/english/advisories/2008/2937(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/46138(cve@mitre.org)
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=748(af854a3a-2127-422b-91ae-364da2661108)
http://osvdb.org/48206(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/32395(af854a3a-2127-422b-91ae-364da2661108)
http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037180.html(af854a3a-2127-422b-91ae-364da2661108)
http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037181.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.novell.com/support/viewContent.do?externalId=3426981(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/31956(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id?1021117(af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2008/2937(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/46138(af854a3a-2127-422b-91ae-364da2661108)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.