CVE-2008-5091
Novell eDirectory < 8.8 - Denial of Service via Invalid ExtensibleMatch Filter
Title source: llmDescription
Buffer overflow in the LDAP Service in Novell eDirectory 8.7.3 before SP10a and 8.8 before SP3 allows attackers to cause a denial of service (application crash) via vectors involving an "invalid extensibleMatch filter."
References (8)
Core 8
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/30947
Vendor Advisory x_refsource_confirm
http://www.novell.com/support/viewContent.do?externalId=3426981
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1020788
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/43590
Vendor Advisory x_refsource_confirm
http://www.novell.com/documentation/edir873/sp10_readme/netware/readme.txt
Vendor Advisory x_refsource_confirm
http://www.novell.com/support/viewContent.do?externalId=3477912
Issue Tracking x_refsource_misc
https://bugzilla.novell.com/show_bug.cgi?id=373853
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2008/2462
Scores
EPSS
0.0065
EPSS Percentile
70.9%
Details
CWE
CWE-119
Status
published
Products (16)
novell/edirectory
8.0
novell/edirectory
8.5
novell/edirectory
8.5.12a
novell/edirectory
8.5.27
novell/edirectory
8.6.2
novell/edirectory
8.7
novell/edirectory
8.7.1 (2 CPE variants)
novell/edirectory
8.7.3 (9 CPE variants)
novell/edirectory
8.7.3.8
novell/edirectory
8.7.3.8_presp9
... and 6 more
Published
Nov 14, 2008
Tracked Since
Feb 18, 2026