CVE-2006-4510Edirectory vulnerability

3 documents3 sources
Severity
10.0CRITICALNVD
EPSS
37.9%
top 2.79%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Novell Edirectory
Timeline
PublishedOct 24
Latest updateMay 1

Description

The evtFilteredMonitorEventsRequest function in the LDAP service in Novell eDirectory before 8.8.1 FTF1 allows remote attackers to execute arbitrary code via a crafted request containing a value that is larger than the number of objects transmitted, which triggers an invalid free of unallocated memory.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

NVDnovell/edirectory8.8, 8.8.1+1

Patches

Patch: labs.idefense.comPatch: secunia.comPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-g5q4-52w8-jq3w: The evtFilteredMonitorEventsRequest function in the LDAP service in Novell eDirectory before 82022-05-01
CVEList
CVE-2006-4510: The evtFilteredMonitorEventsRequest function in the LDAP service in Novell eDirectory before 82006-10-24
CVE-2006-4510 — Novell Edirectory vulnerability | cvebase