Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2008-0926
HistoryMar 28, 2008 - 6:44 p.m.

CVE-2008-0926

2008-03-2818:44:00
CWE-287
[email protected]
web.nvd.nist.gov
5

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7

Confidence

Low

EPSS

0.353

Percentile

97.2%

JSON

The SOAP interface to the eMBox module in Novell eDirectory 8.7.3.9 and earlier, and 8.8.x before 8.8.2, relies on client-side authentication, which allows remote attackers to bypass authentication via requests for /SOAP URIs, and cause a denial of service (daemon shutdown) or read arbitrary files. NOTE: it was later reported that 8.7.3.10 (aka 8.7.3 SP10) is also affected.

Affected configurations

Nvd
Node
novelledirectoryRangeโ‰ค8.7.3.10
OR
novelledirectoryMatch8.5
OR
novelledirectoryMatch8.5.12a
OR
novelledirectoryMatch8.5.27
OR
novelledirectoryMatch8.6.2
OR
novelledirectoryMatch8.7
OR
novelledirectoryMatch8.7.1
OR
novelledirectoryMatch8.7.1sp1
OR
novelledirectoryMatch8.7.3
OR
novelledirectoryMatch8.7.3.8
OR
novelledirectoryMatch8.7.3.8_presp9
OR
novelledirectoryMatch8.7.3.9
OR
novelledirectoryMatch8.8
VendorProductVersionCPE
novelledirectory*cpe:2.3:a:novell:edirectory:*:*:*:*:*:*:*:*
novelledirectory8.5cpe:2.3:a:novell:edirectory:8.5:*:*:*:*:*:*:*
novelledirectory8.5.12acpe:2.3:a:novell:edirectory:8.5.12a:*:*:*:*:*:*:*
novelledirectory8.5.27cpe:2.3:a:novell:edirectory:8.5.27:*:*:*:*:*:*:*
novelledirectory8.6.2cpe:2.3:a:novell:edirectory:8.6.2:*:*:*:*:*:*:*
novelledirectory8.7cpe:2.3:a:novell:edirectory:8.7:*:*:*:*:*:*:*
novelledirectory8.7.1cpe:2.3:a:novell:edirectory:8.7.1:*:*:*:*:*:*:*
novelledirectory8.7.1cpe:2.3:a:novell:edirectory:8.7.1:sp1:*:*:*:*:*:*
novelledirectory8.7.3cpe:2.3:a:novell:edirectory:8.7.3:*:*:*:*:*:*:*
novelledirectory8.7.3.8cpe:2.3:a:novell:edirectory:8.7.3.8:*:*:*:*:*:*:*
Rows per page:
1-10 of 131

Related

metasploit 1
cvelist 2
seebug 1
exploitdb 1
nessus 2
securityvulns 1
prion 2
cve 2
packetstorm 1
nvd 1
metasploit
metasploit
Novell eDirectory eMBox Unauthenticated File Access
2011-12-16 05:09:26
cvelist
cvelist
CVE-2008-0926
2008-03-28 18:00:00
CVE-2010-0666
2010-02-19 17:00:00
seebug
seebug
Novell eDirectory eMBoxๅทฅๅ…ทedirutilๅ‘ฝไปค็ป•่ฟ‡่ฎค่ฏๆผๆดž
2008-05-07 00:00:00
exploitdb
exploitdb
Novell eDirectory 8.x - eMBox Utility 'edirutil' Command
2008-03-25 00:00:00
nessus
nessus
Novell eDirectory eMBox Utility Unauthorized Access (uncredentialed check)
2008-04-11 00:00:00
Novell eDirectory eMBox Utility Unauthorized Access
2008-04-11 00:00:00
securityvulns
securityvulns
Novell eDirectory unauthenticated access to SOAP interface
2008-05-06 00:00:00
prion
prion
Authentication flaw
2008-03-28 18:44:00
Design/Logic Flaw
2010-02-19 17:30:00
cve
cve
CVE-2008-0926
2008-03-28 18:44:00
CVE-2010-0666
2010-02-19 17:30:01
packetstorm
packetstorm
Novell EDirectory EMBox Unauthenticated File Access
2024-08-31 00:00:00
nvd
nvd
CVE-2010-0666
2010-02-19 17:30:01

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7

Confidence

Low

EPSS

0.353

Percentile

97.2%

JSON
Related for NVD:CVE-2008-0926
metasploit1cvelist2seebug1exploitdb1nessus2securityvulns1prion2cve2packetstorm1nvd1