CVE-2008-5038 - Use-after-free vulnerability in the NetWare Core Protocol (NCP) feature in Novell eDirectory 8.7.3 S

CVE-2008-5038

Summary

Use-after-free vulnerability in the NetWare Core Protocol (NCP) feature in Novell eDirectory 8.7.3 SP10 before 8.7.3 SP10 FTF1 and 8.8 SP2 for Windows allows remote attackers to cause a denial of service and possibly execute arbitrary code via a sequence of "Get NCP Extension Information By Name" requests that cause one thread to operate on memory after it has been freed in another thread, which triggers memory corruption, aka Novell Bug 373852.

References

Vulnerable Configurations

cpe:2.3:a:novell:edirectory:8.7.3:sp1:*:*:*:windows:*:*
cpe:2.3:a:novell:edirectory:8.7.3:sp1:*:*:*:windows:*:*
cpe:2.3:a:novell:edirectory:8.7.3:sp2:*:*:*:windows:*:*
cpe:2.3:a:novell:edirectory:8.7.3:sp2:*:*:*:windows:*:*
cpe:2.3:a:novell:edirectory:8.7.3:sp3:*:*:*:windows:*:*
cpe:2.3:a:novell:edirectory:8.7.3:sp3:*:*:*:windows:*:*
cpe:2.3:a:novell:edirectory:8.7.3:sp4:*:*:*:windows:*:*
cpe:2.3:a:novell:edirectory:8.7.3:sp4:*:*:*:windows:*:*
cpe:2.3:a:novell:edirectory:8.7.3:sp5:*:*:*:windows:*:*
cpe:2.3:a:novell:edirectory:8.7.3:sp5:*:*:*:windows:*:*
cpe:2.3:a:novell:edirectory:8.7.3:sp6:*:*:*:windows:*:*
cpe:2.3:a:novell:edirectory:8.7.3:sp6:*:*:*:windows:*:*
cpe:2.3:a:novell:edirectory:8.7.3:sp7:*:*:*:windows:*:*
cpe:2.3:a:novell:edirectory:8.7.3:sp7:*:*:*:windows:*:*
cpe:2.3:a:novell:edirectory:8.7.3:sp8:*:*:*:windows:*:*
cpe:2.3:a:novell:edirectory:8.7.3:sp8:*:*:*:windows:*:*
cpe:2.3:a:novell:edirectory:8.7.3:sp9:*:*:*:windows:*:*
cpe:2.3:a:novell:edirectory:8.7.3:sp9:*:*:*:windows:*:*
cpe:2.3:a:novell:edirectory:-:*:*:*:*:*:*:*
cpe:2.3:a:novell:edirectory:-:*:*:*:*:*:*:*
cpe:2.3:a:novell:edirectory:8.0:*:*:*:*:*:*:*
cpe:2.3:a:novell:edirectory:8.0:*:*:*:*:*:*:*
cpe:2.3:a:novell:edirectory:8.5:*:*:*:*:*:*:*
cpe:2.3:a:novell:edirectory:8.5:*:*:*:*:*:*:*
cpe:2.3:a:novell:edirectory:8.5.12a:*:*:*:*:*:*:*
cpe:2.3:a:novell:edirectory:8.5.12a:*:*:*:*:*:*:*
cpe:2.3:a:novell:edirectory:8.5.27:*:*:*:*:*:*:*
cpe:2.3:a:novell:edirectory:8.5.27:*:*:*:*:*:*:*
cpe:2.3:a:novell:edirectory:8.6.2:*:*:*:*:*:*:*
cpe:2.3:a:novell:edirectory:8.6.2:*:*:*:*:*:*:*
cpe:2.3:a:novell:edirectory:8.7:*:*:*:*:*:*:*
cpe:2.3:a:novell:edirectory:8.7:*:*:*:*:*:*:*
cpe:2.3:a:novell:edirectory:8.7.1:*:*:*:*:*:*:*
cpe:2.3:a:novell:edirectory:8.7.1:*:*:*:*:*:*:*
cpe:2.3:a:novell:edirectory:8.7.1:sp1:*:*:*:*:*:*
cpe:2.3:a:novell:edirectory:8.7.1:sp1:*:*:*:*:*:*
cpe:2.3:a:novell:edirectory:8.8:-:*:*:*:windows:*:*
cpe:2.3:a:novell:edirectory:8.8:-:*:*:*:windows:*:*

CVSS

Base:	10.0 (as of 02-02-2024 - 15:49)
Impact:
Exploitability:

CWE

CWE-416

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:N/C:C/I:C/A:C

refmap via4

bid	31956
confirm	http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037180.html http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5037181.html http://www.novell.com/support/viewContent.do?externalId=3426981
idefense	20081030 Novell eDirectory NCP Get Extension Information Request Memory Corruption Vulnerability
osvdb	48206
sectrack	1021117
secunia	32395
vupen	ADV-2008-2937
xf	novell-edirectory-ncp-unspecified(46138)

Last major update

02-02-2024 - 15:49

Published

12-11-2008 - 21:09

Last modified

02-02-2024 - 15:49