TROYANOSYVIRUS
Voltar para CVEs

CVE-2008-5038

CRITICAL
9.8

Descricao

Use-after-free vulnerability in the NetWare Core Protocol (NCP) feature in Novell eDirectory 8.7.3 SP10 before 8.7.3 SP10 FTF1 and 8.8 SP2 for Windows allows remote attackers to cause a denial of service and possibly execute arbitrary code via a sequence of "Get NCP Extension Information By Name" requests that cause one thread to operate on memory after it has been freed in another thread, which triggers memory corruption, aka Novell Bug 373852.

Detalhes CVE

Pontuacao CVSS v3.19.8
SeveridadeCRITICAL
Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vetor de ataqueNETWORK
ComplexidadeLOW
Privilegios necessariosNONE
Interacao do usuarioNONE
Publicado11/12/2008
Ultima modificacao4/9/2025
Fontenvd
Avistamentos honeypot0

Produtos afetados

novell:edirectory

Fraquezas (CWE)

CWE-416

Referencias

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=748(cve@mitre.org)
http://osvdb.org/48206(cve@mitre.org)
http://secunia.com/advisories/32395(cve@mitre.org)
http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037180.html(cve@mitre.org)
http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037181.html(cve@mitre.org)
http://www.novell.com/support/viewContent.do?externalId=3426981(cve@mitre.org)
http://www.securityfocus.com/bid/31956(cve@mitre.org)
http://www.securitytracker.com/id?1021117(cve@mitre.org)
http://www.vupen.com/english/advisories/2008/2937(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/46138(cve@mitre.org)
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=748(af854a3a-2127-422b-91ae-364da2661108)
http://osvdb.org/48206(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/32395(af854a3a-2127-422b-91ae-364da2661108)
http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037180.html(af854a3a-2127-422b-91ae-364da2661108)
http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037181.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.novell.com/support/viewContent.do?externalId=3426981(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/31956(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id?1021117(af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2008/2937(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/46138(af854a3a-2127-422b-91ae-364da2661108)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.