{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2009-11-23T00:00:00", "descriptions": [{"lang": "en", "value": "Integer overflow in Novell eDirectory 8.7.3.x before 8.7.3.10 ftf2 and 8.8.x before 8.8.5.2 allows remote attackers to execute arbitrary code via an NDS Verb 0x1 request containing a large integer value that triggers a heap-based buffer overflow."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "ADV-2009-3379", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2009/3379"}, {"name": "37184", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/37184"}, {"name": "application-control-request-overflow(50616)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50616"}, {"name": "20091124 Novell eDirectory Remote Code Execution", "tags": ["third-party-advisory", "x_refsource_ISS"], "url": "http://www.iss.net/threats/356.html"}, {"name": "37554", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/37554"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.novell.com/support/viewContent.do?externalId=7004912"}, {"tags": ["x_refsource_MISC"], "url": "https://bugzilla.novell.com/show_bug.cgi?id=524344"}, {"tags": ["x_refsource_MISC"], "url": "https://bugzilla.novell.com/show_bug.cgi?id=545887"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-0895", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Integer overflow in Novell eDirectory 8.7.3.x before 8.7.3.10 ftf2 and 8.8.x before 8.8.5.2 allows remote attackers to execute arbitrary code via an NDS Verb 0x1 request containing a large integer value that triggers a heap-based buffer overflow."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "ADV-2009-3379", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/3379"}, {"name": "37184", "refsource": "BID", "url": "http://www.securityfocus.com/bid/37184"}, {"name": "application-control-request-overflow(50616)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50616"}, {"name": "20091124 Novell eDirectory Remote Code Execution", "refsource": "ISS", "url": "http://www.iss.net/threats/356.html"}, {"name": "37554", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/37554"}, {"name": "http://www.novell.com/support/viewContent.do?externalId=7004912", "refsource": "CONFIRM", "url": "http://www.novell.com/support/viewContent.do?externalId=7004912"}, {"name": "https://bugzilla.novell.com/show_bug.cgi?id=524344", "refsource": "MISC", "url": "https://bugzilla.novell.com/show_bug.cgi?id=524344"}, {"name": "https://bugzilla.novell.com/show_bug.cgi?id=545887", "refsource": "MISC", "url": "https://bugzilla.novell.com/show_bug.cgi?id=545887"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2009-0895", "datePublished": "2009-12-03T17:00:00", "dateReserved": "2009-03-14T00:00:00", "dateUpdated": "2017-08-16T14:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "029ADE6D-6761-4196-847C-A0EFB3A06341", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp10:*:*:*:*:*:*", "matchCriteriaId": "6F8E26AA-2F13-4E02-967F-5675C402B969", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp10:ftf1:*:*:*:*:*", "matchCriteriaId": "50A97C1A-2DCE-4F85-A177-1CEA84C943EE", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp10_b:*:*:*:*:*:*", "matchCriteriaId": "D793787E-2CFB-4822-85ED-0BB79D3FFF95", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp3:*:*:*:*:*:*", "matchCriteriaId": "9A38C607-73EA-4785-97FC-3D6013DC2981", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp3:ftf1:*:*:*:*:*", "matchCriteriaId": "D5BD6876-7210-4BEB-B7AA-D244135365D9", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp4:*:*:*:*:*:*", "matchCriteriaId": "05979B3C-5275-43F4-9B45-865D1E22297E", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp4:ftf1:*:*:*:*:*", "matchCriteriaId": "718BDE90-B390-4CE8-BDB9-9C6FBEFE14CD", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp5:*:*:*:*:*:*", "matchCriteriaId": "6675EC25-306B-45B1-92C4-9528FA54A215", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:sp5:ftf1:*:*:*:*:*", "matchCriteriaId": "9D98C9A0-47D5-4999-943C-3505C6FB6F97", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "9E8D4976-BAE9-4A83-9DF6-9436C54E8413", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "A626A123-E33A-445F-93A2-8FA3B2E3E53A", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:edirectory:8.7.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "896C7671-E300-4E6D-86A3-D0DAF4168CC2", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:edirectory:8.8:*:*:*:*:*:*:*", "matchCriteriaId": "D7548D05-AD2B-46C3-9036-366585FFCB48", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:edirectory:8.8:sp1:*:*:*:*:*:*", "matchCriteriaId": "03D34570-657E-48D5-B778-9510C3D0FF7C", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:edirectory:8.8:sp2:*:*:*:*:*:*", "matchCriteriaId": "2EA7ED79-2E4E-4BE0-B167-31BB6311A506", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:edirectory:8.8:sp3:ftf3:*:*:*:*:*", "matchCriteriaId": "E263D9A0-CAC3-4009-9F5B-8EA7365B28AE", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:edirectory:8.8:sp4:*:*:*:*:*:*", "matchCriteriaId": "A78EBF3A-4073-41D2-BD52-E598318D4996", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:edirectory:8.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "C13882AD-D700-4B95-9BB2-B3E0D104B227", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:edirectory:8.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "A8FDCB14-9380-42C3-A6EE-3E6AEA3F52F2", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:edirectory:8.8.2:*:ftf1:*:*:*:*:*", "matchCriteriaId": "029E2F2F-CFC0-4C35-956C-703264AF3E82", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:edirectory:8.8.5:*:ftf1:*:*:*:*:*", "matchCriteriaId": "57A31BFD-F2AA-4FCD-A661-706B5CFE2CDC", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Integer overflow in Novell eDirectory 8.7.3.x before 8.7.3.10 ftf2 and 8.8.x before 8.8.5.2 allows remote attackers to execute arbitrary code via an NDS Verb 0x1 request containing a large integer value that triggers a heap-based buffer overflow."}, {"lang": "es", "value": "Desbordamiento de entero en Novell eDirectory v8.7.3.x anteriores a v8.7.3.10 ftf2 y v8.8.x anteriores a v8.8.5.2 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de la peticion NDS 0x1 conteniendo un valor de entero largo que inicia un desbordamiento de b\u00fafer basado en pila."}], "id": "CVE-2009-0895", "lastModified": "2017-08-17T01:30:04.973", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2009-12-03T17:30:00.407", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/37554"}, {"source": "cve@mitre.org", "url": "http://www.iss.net/threats/356.html"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.novell.com/support/viewContent.do?externalId=7004912"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/37184"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2009/3379"}, {"source": "cve@mitre.org", "url": "https://bugzilla.novell.com/show_bug.cgi?id=524344"}, {"source": "cve@mitre.org", "url": "https://bugzilla.novell.com/show_bug.cgi?id=545887"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50616"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-189"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}