5

CVE-2008-0927

dhost.exe in Novell eDirectory 8.7.3 before sp10 and 8.8.2 allows remote attackers to cause a denial of service (CPU consumption) via an HTTP request with (1) multiple Connection headers or (2) a Connection header with multiple comma-separated values.  NOTE: this might be similar to CVE-2008-1777.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MicrosoftWindows-nt Version2000
   NovellEdirectory Version <= 8.7.3.9
   NovellEdirectory Version >= 8.8 < 8.8.2
MicrosoftWindows-nt Version2003
   NovellEdirectory Version <= 8.7.3.9
   NovellEdirectory Version >= 8.8 < 8.8.2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 70.05% 0.993
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/29805
Third Party Advisory
http://www.novell.com/support/viewContent.do?externalId=3829452&sliceId=1
Vendor Advisory
http://www.securityfocus.com/archive/1/491622/100/0/threaded
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/28757
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1019836
Third Party Advisory
VDB Entry
http://www.vupen.com/english/advisories/2008/1217/references
Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/41787
Third Party Advisory
VDB Entry
https://www.exploit-db.com/exploits/5547
Third Party Advisory
VDB Entry