5
CVE-2009-3862
- EPSS 0.67%
- Veröffentlicht 04.11.2009 18:30:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
- Quelle cve@mitre.org
- Teams Watchlist Login
- Unerledigt Login
The NDSD process in Novell eDirectory 8.7.3 before 8.7.3.10 ftf2 and eDirectory 8.8 before 8.8.5 ftf1 does not properly handle certain LDAP search requests, which allows remote attackers to cause a denial of service (application hang) via a search request with a NULL BaseDN value.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Novell ≫ Edirectory Version8.7.3
Novell ≫ Edirectory Version8.7.3 Updatesp2 Editionwindows
Novell ≫ Edirectory Version8.7.3 Updatesp3 Editionwindows
Novell ≫ Edirectory Version8.7.3 Updatesp4 Editionwindows
Novell ≫ Edirectory Version8.7.3 Updatesp5 Editionwindows
Novell ≫ Edirectory Version8.7.3 Updatesp6 Editionwindows
Novell ≫ Edirectory Version8.7.3 Updatesp7 Editionwindows
Novell ≫ Edirectory Version8.7.3 Updatesp8 Editionwindows
Novell ≫ Edirectory Version8.7.3 Updatesp9 Editionwindows
Novell ≫ Edirectory Version8.7.3.8
Novell ≫ Edirectory Version8.7.3.9
Novell ≫ Edirectory Version8.8
Novell ≫ Edirectory Version8.8 Updatesp1
Novell ≫ Edirectory Version8.8 Updatesp2
Novell ≫ Edirectory Version8.8 Updatesp3
Novell ≫ Edirectory Version8.8 Updatesp4
Novell ≫ Edirectory Version8.8.1
Novell ≫ Edirectory Version8.8.2
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.67% | 0.689 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
CWE-287 Improper Authentication
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.