CVE-2009-0895

N/A Unknown

Published: December 03, 2009 Modified: April 23, 2026

Description

Integer overflow in Novell eDirectory 8.7.3.x before 8.7.3.10 ftf2 and 8.8.x before 8.8.5.2 allows remote attackers to execute arbitrary code via an NDS Verb 0x1 request containing a large integer value that triggers a heap-based buffer overflow.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://secunia.com/advisories/37554

Source: cve@mitre.org

Vendor Advisory

http://www.iss.net/threats/356.html

Source: cve@mitre.org

http://www.novell.com/support/viewContent.do?externalId=7004912

Source: cve@mitre.org

Patch Vendor Advisory

http://www.securityfocus.com/bid/37184

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2009/3379

Source: cve@mitre.org

Patch Vendor Advisory

https://bugzilla.novell.com/show_bug.cgi?id=524344

Source: cve@mitre.org

https://bugzilla.novell.com/show_bug.cgi?id=545887

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/50616

Source: cve@mitre.org

http://secunia.com/advisories/37554