[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248268

 
 

909

 
 

195051

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2008-0927Date: (C)2008-04-14   (M)2023-12-22


dhost.exe in Novell eDirectory 8.7.3 before sp10 and 8.8.2 allows remote attackers to cause a denial of service (CPU consumption) via an HTTP request with (1) multiple Connection headers or (2) a Connection header with multiple comma-separated values. NOTE: this might be similar to CVE-2008-1777.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.0
Exploit Score: 10.0
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL
  
Reference:
SECTRACK-1019836
http://www.securityfocus.com/archive/1/491622/100/0/threaded
BID-28757
SECUNIA-29805
EXPLOIT-DB-5547
ADV-2008-1217
http://www.novell.com/support/viewContent.do?externalId=3829452&sliceId=1
novell-edirectory-dhost-dos(41787)

CPE    3
cpe:/o:microsoft:windows-nt:2003
cpe:/a:novell:edirectory
cpe:/o:microsoft:windows-nt:2000
CWE    1
CWE-399

© SecPod Technologies