CVE-2008-5038

Severity

99%

Complexity

99%

Confidentiality

165%

Use-after-free vulnerability in the NetWare Core Protocol (NCP) feature in Novell eDirectory 8.7.3 SP10 before 8.7.3 SP10 FTF1 and 8.8 SP2 for Windows allows remote attackers to cause a denial of service and possibly execute arbitrary code via a sequence of "Get NCP Extension Information By Name" requests that cause one thread to operate on memory after it has been freed in another thread, which triggers memory corruption, aka Novell Bug 373852.

Use-after-free vulnerability in the NetWare Core Protocol (NCP) feature in Novell eDirectory 8.7.3 SP10 before 8.7.3 SP10 FTF1 and 8.8 SP2 for Windows allows remote attackers to cause a denial of service and possibly execute arbitrary code via a sequence of "Get NCP Extension Information By Name" requests that cause one thread to operate on memory after it has been freed in another thread, which triggers memory corruption, aka Novell Bug 373852.

CVSS 2.0 Base Score 9.9. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C).

Overview

Type

Novell eDirectory

First reported 16 years ago

2008-11-12 21:09:00

Last updated 7 years ago

2017-08-08 01:33:00

Affected Software

Novell eDirectory 8.0

8.0

Novell eDirectory 8.5

8.5

Novell eDirectory 8.5.12a

8.5.12a

Novell eDirectory 8.5.27

8.5.27

Novell eDirectory 8.6.2

8.6.2

Novell eDirectory 8.7

8.7

Novell eDirectory 8.7.1

8.7.1

Novell eDirectory 8.7.1 SU1

8.7.1

Novell eDirectory 8.7.3

8.7.3

Novell eDirectory 8.7.3 SP1 for Windows

8.7.3

Novell eDirectory 8.7.3 SP2 for Windows

8.7.3

Novell eDirectory 8.7.3 SP3 for Windows

8.7.3

Novell eDirectory 8.7.3 SP4 for Windows

8.7.3

Novell eDirectory 8.7.3 SP5 for Windows

8.7.3

Novell eDirectory 8.7.3 SP6 for Windows

8.7.3

Novell eDirectory 8.7.3 SP7 for Windows

8.7.3

Novell eDirectory 8.7.3 SP8 for Windows

8.7.3

Novell eDirectory 8.8 SP2 for Windows

8.8

References

20081030 Novell eDirectory NCP Get Extension Information Request Memory Corruption Vulnerability

48206

32395

Vendor Advisory

http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037180.html

Patch, Vendor Advisory

http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037181.html

Patch

http://www.novell.com/support/viewContent.do?externalId=3426981

31956

1021117

ADV-2008-2937

Vendor Advisory

novell-edirectory-ncp-unspecified(46138)

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.