CVE-2008-3159 | Vulnerability Database | Aqua Security

Integer overflow in ds.dlm, as used by dhost.exe, in Novell eDirectory 8.7.3.10 before 8.7.3 SP10b and 8.8 before 8.8.2 ftf2 allows remote attackers to execute arbitrary code via unspecified vectors that trigger a stack-based buffer overflow, related to flawed arithmetic.

Affected Software

Name	Vendor	Start Version	End Version
Edirectory	Novell	8.7.3 (including)	8.7.3 (including)
Edirectory	Novell	8.8 (including)	8.8 (including)

References

http://secunia.com/advisories/30938
http://securitytracker.com/id?1020431
http://www.novell.com/support/search.do?cmd=displayKC\u0026sliceId=SAL_Public\u0026externalId=3694858
http://www.securityfocus.com/bid/30085
http://www.vupen.com/english/advisories/2008/1999
http://www.zerodayinitiative.com/advisories/ZDI-08-041/
https://exchange.xforce.ibmcloud.com/vulnerabilities/43589
http://secunia.com/advisories/30938
http://securitytracker.com/id?1020431
http://www.novell.com/support/search.do?cmd=displayKC\u0026sliceId=SAL_Public\u0026externalId=3694858
http://www.securityfocus.com/bid/30085
http://www.vupen.com/english/advisories/2008/1999
http://www.zerodayinitiative.com/advisories/ZDI-08-041/
https://exchange.xforce.ibmcloud.com/vulnerabilities/43589

NVD	https://nvd.nist.gov/vuln/detail/CVE-2008-3159
CWE	https://cwe.mitre.org/data/definitions/189.html