Lucene search

[email protected]CVE-2006-4510

HistoryOct 24, 2006 - 7:07 p.m.

CVE-2006-4510

2006-10-2419:07:00

[email protected]

web.nvd.nist.gov

cve-2006-4510

novell edirectory

ldap

remote code execution

security vulnerability

nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.909 High

EPSS

Percentile

98.9%

JSON

The evtFilteredMonitorEventsRequest function in the LDAP service in Novell eDirectory before 8.8.1 FTF1 allows remote attackers to execute arbitrary code via a crafted request containing a value that is larger than the number of objects transmitted, which triggers an invalid free of unallocated memory.

Affected configurations

NVD

Node

novelledirectoryMatch8.8

novelledirectoryMatch8.8.1

CPENameOperatorVersion
novell:edirectorynovell edirectoryeq8.8
novell:edirectorynovell edirectoryeq8.8.1

CPE	Name	Operator	Version
novell:edirectory	novell edirectory	eq	8.8
novell:edirectory	novell edirectory	eq	8.8.1

References

labs.idefense.com/intelligence/vulnerabilities/display.php?id=428

secunia.com/advisories/22506

securitytracker.com/id?1017104

www.securityfocus.com/bid/20663

www.vupen.com/english/advisories/2006/4142

exchange.xforce.ibmcloud.com/vulnerabilities/29752

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.909 High

EPSS

Percentile

98.9%

JSON

Related for CVE-2006-4510

cvelist1 checkpoint_advisories5 securityvulns1 nvd1