RSS   Vulnerabilities for 'Edirectory'   RSS

2018-08-09
 
CVE-2018-7692

CWE-601
 

 
Unvalidated redirect vulnerability in in NetIQ eDirectory before 9.1.1 HF1.

 
 
CVE-2018-7686

CWE-200
 

 
Information leakage vulnerability in NetIQ eDirectory before 9.1.1 HF1 due to shared memory usage.

 
2018-07-10
 
CVE-2018-12461

CWE-295
 

 
Fixed issues with NetIQ eDirectory prior to 9.1.1 when checking certificate revocation.

 
2018-03-21
 
CVE-2018-1346

CWE-264
 

 
Addresses denial of service attack to eDirectory versions prior to 9.1.

 
2018-03-02
 
CVE-2017-9285

CWE-284
 

 
NetIQ eDirectory before 9.0 SP4 did not enforce login restrictions when "ebaclient" was used, allowing unpermitted access to eDirectory services.

 
 
CVE-2017-7429

CWE-295
 

 
The certificate upload in NetIQ eDirectory PKI plugin before 8.8.8 Patch 10 Hotfix 1 could be abused to upload JSP code which could be used by authenticated attackers to execute JSP applets on the iManager server.

 
2017-04-27
 
CVE-2017-5186

 

 
Novell iManager 2.7 before SP7 Patch 9, NetIQ iManager 3.x before 3.0.2.1, Novell eDirectory 8.8.x before 8.8 SP8 Patch 9 Hotfix 2, and NetIQ eDirectory 9.x before 9.0.2 Hotfix 2 (9.0.2.2) use the deprecated MD5 hashing algorithm in a communications certificate.

 
2012-12-25
 
CVE-2012-0432

 

 
Stack-based buffer overflow in the Novell NCP implementation in NetIQ eDirectory 8.8.7.x before 8.8.7.2 allows remote attackers to have an unspecified impact via unknown vectors.

 
 
CVE-2012-0430

CWE-noinfo
 

 
Unspecified vulnerability in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 on Windows allows remote attackers to obtain an administrator cookie and bypass authorization checks via unknown vectors.

 
 
CVE-2012-0429

CWE-Other
 

 
dhost in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 on Windows allows remote authenticated users to cause a denial of service (daemon crash) via crafted characters in an HTTP request.

 


Copyright 2019, cxsecurity.com

 

Back to Top