Novell eDirectory 8.8.3

CPE Details

Novell eDirectory 8.8.3
novell
edirectory
8.8.3
2018-11-06
17h59 +00:00
2018-11-06
17h59 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:novell:edirectory:8.8.3:*:*:*:*:*:*:*

Informations

Vendor

novell

Product

edirectory

Version

8.8.3

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2017-9267 2018-03-02 20h00 +00:00 In Novell eDirectory before 9.0.3.1 the LDAP interface was not strictly enforcing cipher restrictions allowing weaker ciphers to be used during SSL BIND operations.
7.5
High
CVE-2017-9277 2018-03-02 20h00 +00:00 The LDAP backend in Novell eDirectory before 9.0 SP4 when switched to EBA (Enhanced Background Authentication) kept open connections without EBA.
7.5
High
CVE-2016-5747 2017-03-23 05h36 +00:00 A security vulnerability in cookie handling in the http stack implementation in NDSD in Novell eDirectory before 9.0.1 allows remote attackers to bypass intended access restrictions by leveraging predictable cookies.
7.5
High
CVE-2008-5093 2008-11-14 18h00 +00:00 Cross-site scripting (XSS) vulnerability in the HTTP Protocol Stack (HTTPSTK) in Novell eDirectory before 8.8 SP3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
4.3
CVE-2008-5094 2008-11-14 18h00 +00:00 Heap-based buffer overflow in the NDS Service in Novell eDirectory before 8.8 SP3 has unknown impact and attack vectors.
10
CVE-2006-5814 2006-11-08 22h00 +00:00 Unspecified vulnerability in Novell eDirectory allows remote attackers to execute arbitrary code, as demonstrated by vd_novell.pm, a "Novell eDirectory remote exploit." NOTE: As of 20061108, this disclosure has no actionable information. However, since it is from a reliable researcher, it is being assigned a CVE identifier for tracking purposes.
7.5