CVE-2009-3862

The NDSD process in Novell eDirectory 8.7.3 before 8.7.3.10 ftf2 and eDirectory 8.8 before 8.8.5 ftf1 does not properly handle certain LDAP search requests, which allows remote attackers to cause a denial of service (application hang) via a search request with a NULL BaseDN value.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 70%
VendorProductVersion
novelledirectory
8.7.3
novelledirectory
8.7.3:sp2
novelledirectory
8.7.3:sp3
novelledirectory
8.7.3:sp4
novelledirectory
8.7.3:sp5
novelledirectory
8.7.3:sp6
novelledirectory
8.7.3:sp7
novelledirectory
8.7.3:sp8
novelledirectory
8.7.3:sp9
novelledirectory
8.7.3.8
novelledirectory
8.7.3.9
novelledirectory
8.8
novelledirectory
8.8:sp1
novelledirectory
8.8:sp2
novelledirectory
8.8:sp3
novelledirectory
8.8:sp4
novelledirectory
8.8.1
novelledirectory
8.8.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.novell.com/support/viewContent.do?externalId=7004721
http://www.securityfocus.com/bid/36902
http://www.vupen.com/english/advisories/2009/3120
http://www.zerodayinitiative.com/advisories/ZDI-09-075/
http://www.novell.com/support/viewContent.do?externalId=7004721
http://www.securityfocus.com/bid/36902
http://www.vupen.com/english/advisories/2009/3120
http://www.zerodayinitiative.com/advisories/ZDI-09-075/