ID
VAR-200909-0581
TITLE
Novell eDirectory HTTP GET Request Unicode String Denial of Service Vulnerability
Trust: 0.6
DESCRIPTION
Novell eDirectory is a cross-platform directory server. If a remote attacker submits a specially crafted HTTP request containing a large number of Unicode strings to the port 8028 of the eDirectory server (the default port of the Dhost Http Server), it will exhaust 100% of the CPU resources. Novell eDirectory is prone to a denial-of-service vulnerability. Remote attackers can exploit this issue to consume an excessive amount of resources, denying service to legitimate users. Novell eDirectory 8.8 SP5 is vulnerable; other versions may also be affected
Trust: 0.81
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
AFFECTED PRODUCTS
| vendor: | no | model: | - | scope: | - | version: | - | Trust: 0.6 |
| vendor: | novell | model: | edirectory sp5 | scope: | eq | version: | 8.8 | Trust: 0.3 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||
|
|
THREAT TYPE
network
Trust: 0.3
TYPE
Failure to Handle Exceptional Conditions
Trust: 0.3
EXTERNAL IDS
| db: | BID | id: | 36301 | Trust: 0.9 |
| db: | CNVD | id: | CNVD-2009-4764 | Trust: 0.6 |
REFERENCES
| url: | http://www.novell.com | Trust: 0.3 |
| url: | /archive/1/506295 | Trust: 0.3 |
CREDITS
Hellcode Research
Trust: 0.3
SOURCES
| db: | CNVD | id: | CNVD-2009-4764 |
| db: | BID | id: | 36301 |
LAST UPDATE DATE
2022-05-17T01:45:48.975000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2009-4764 | date: | 2014-01-27T00:00:00 |
| db: | BID | id: | 36301 | date: | 2009-09-09T17:31:00 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2009-4764 | date: | 2009-09-08T00:00:00 |
| db: | BID | id: | 36301 | date: | 2009-09-08T00:00:00 |