CVE-2008-3159
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
96.9%
Integer overflow in ds.dlm, as used by dhost.exe, in Novell eDirectory 8.7.3.10 before 8.7.3 SP10b and 8.8 before 8.8.2 ftf2 allows remote attackers to execute arbitrary code via unspecified vectors that trigger a stack-based buffer overflow, related to “flawed arithmetic.”
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| novell | edirectory | 8.7.3 | cpe:2.3:a:novell:edirectory:8.7.3:*:*:*:*:*:*:* |
| novell | edirectory | 8.8 | cpe:2.3:a:novell:edirectory:8.8:*:*:*:*:*:*:* |
References
secunia.com/advisories/30938
securitytracker.com/id?1020431
www.novell.com/support/search.do?cmd=displayKC&sliceId=SAL_Public&externalId=3694858
www.securityfocus.com/bid/30085
www.vupen.com/english/advisories/2008/1999
www.zerodayinitiative.com/advisories/ZDI-08-041/
exchange.xforce.ibmcloud.com/vulnerabilities/43589
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
96.9%