CVE-2008-1809

Heap-based buffer overflow in Novell eDirectory 8.7.3 before 8.7.3.10b, and 8.8 before 8.8.2 FTF2, allows remote attackers to execute arbitrary code via an LDAP search request containing "NULL search parameters."

Published: Jul 14, 2008
Updated: Apr 13, 2023
CVE: CVE-2008-1809
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
novell / edirectory	8.8	8.8.x
novell / edirectory	8.7.3	8.7.3.x

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=724
http://secunia.com/advisories/31036
http://www.novell.com/support/viewContent.do?externalId=3843876
http://www.securityfocus.com/bid/30175
http://www.securitytracker.com/id?1020470
http://www.vupen.com/english/advisories/2008/2062/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/43716

Vulnerability Database

289,697

CVE-2008-1809