CVE-2010-4327 - Unspecified vulnerability in the NCP service in Novell eDirectory 8.8.5 before 8.8.5.6 and 8.8.6 bef

CVE-2010-4327

Summary

Unspecified vulnerability in the NCP service in Novell eDirectory 8.8.5 before 8.8.5.6 and 8.8.6 before 8.8.6.2 allows remote attackers to cause a denial of service (hang) via a malformed FileSetLock request to port 524.

References

Vulnerable Configurations

cpe:2.3:a:novell:edirectory:8.8.5:*:*:*:*:*:*:*
cpe:2.3:a:novell:edirectory:8.8.5:*:*:*:*:*:*:*
cpe:2.3:a:novell:edirectory:8.8.6:*:*:*:*:*:*:*
cpe:2.3:a:novell:edirectory:8.8.6:*:*:*:*:*:*:*

CVSS

Base:	5.0 (as of 10-10-2018 - 20:08)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:N/I:N/A:P

refmap via4

bid	46263
bugtraq	20110207 ZDI-11-060: Novell eDirectory Malformed NCP Request Denial of Service Vulnerability
confirm	http://www.novell.com/support/viewContent.do?externalId=7007781&sliceId=2
misc	http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-novell http://www.zerodayinitiative.com/advisories/ZDI-11-060
secunia	43186
sreason	8071
vupen	ADV-2011-0305

Last major update

10-10-2018 - 20:08

Published

10-02-2011 - 18:00

Last modified

10-10-2018 - 20:08