Tuesday, December 25, 2012

Today's NIST CVE Issuance's For Vulnerabilities In NetIQ eDirectory

Click on the underlined CVE for additional vuln specific info


CVE-2012-0432
Summary: Stack-based buffer overflow in the Novell NCP implementation in NetIQ eDirectory 8.8.7.x before 8.8.7.2 allows remote attackers to have an unspecified impact via unknown vectors.
Published: 12/25/2012
CVE-2012-0430
Summary: Unspecified vulnerability in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 on Windows allows remote attackers to obtain an administrator cookie and bypass authorization checks via unknown vectors.
Published: 12/25/2012
CVE-2012-0429
Summary: dhost in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 on Windows allows remote authenticated users to cause a denial of service (daemon crash) via crafted characters in an HTTP request.
Published: 12/25/2012
CVE-2012-0428
Summary: Cross-site scripting (XSS) vulnerability in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Published: 12/25/2012

No comments:

Post a Comment