The NDSD process in Novell eDirectory 8.7.3 before 8.7.3.10 ftf2 and eDirectory 8.8 before 8.8.5 ftf1 does not properly handle certain LDAP search requests, which allows remote attackers to cause a denial of service (application hang) via a search request with a NULL BaseDN value.
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Edirectory | Novell | 8.7.3.9 | 8.7.3.9 |
Edirectory | Novell | 8.7.3 | 8.7.3 |
Edirectory | Novell | 8.8 | 8.8 |
Edirectory | Novell | 8.8 | 8.8 |
Edirectory | Novell | 8.7.3 | 8.7.3 |
Edirectory | Novell | 8.7.3 | 8.7.3 |
Edirectory | Novell | 8.8 | 8.8 |
Edirectory | Novell | 8.8 | 8.8 |
Edirectory | Novell | 8.7.3 | 8.7.3 |
Edirectory | Novell | 8.8.2 | 8.8.2 |
Edirectory | Novell | 8.7.3 | 8.7.3 |
Edirectory | Novell | 8.7.3 | 8.7.3 |
Edirectory | Novell | 8.7.3 | 8.7.3 |
Edirectory | Novell | 8.7.3.8 | 8.7.3.8 |
Edirectory | Novell | 8.8.1 | 8.8.1 |
Edirectory | Novell | 8.7.3 | 8.7.3 |
Edirectory | Novell | 8.7.3 | 8.7.3 |
Edirectory | Novell | 8.8 | 8.8 |