Vulnerability Name:

CVE-2006-2496 (CCN-26524)

Assigned:2006-05-17
Published:2006-05-17
Updated:2018-10-18
Summary:Buffer overflow in iMonitor 2.4 in Novell eDirectory 8.8 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unknown attack vectors.
CVSS v3 Severity:10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Access
References:Source: CCN
Type: Full-Disclosure Mailing List, Mon May 22 2006 - 12:55:47 CDT
ZDI-06-016: Novell eDirectory 8.8 NDS Server Buffer Overflow Vulnerability

Source: MITRE
Type: CNA
CVE-2006-2496

Source: CCN
Type: SA20139
Novell eDirectory iMonitor NDS Server Buffer Overflow Vulnerability

Source: SECUNIA
Type: Patch, Vendor Advisory
20139

Source: CCN
Type: SECTRACK ID: 1016120
Novell eDirectory iMonitor Buffer Overflow Has Unspecified Impact

Source: SECTRACK
Type: Patch
1016120

Source: CCN
Type: Novell Technical Information Document TID2973759
eDirectory 8.8 iMonitor Security Update

Source: CONFIRM
Type: Patch
http://support.novell.com/cgi-bin/search/searchtid.cgi?/2973759.htm

Source: OSVDB
Type: UNKNOWN
25781

Source: CCN
Type: OSVDB ID: 25781
Novell eDirectory / iMonitor NDS Server URI Overflow

Source: BUGTRAQ
Type: UNKNOWN
20060522 ZDI-06-016: Novell eDirectory 8.8 NDS Server Buffer Overflow Vulnerability

Source: BID
Type: Patch
18026

Source: CCN
Type: BID-18026
Novell eDirectory Server Long URI iMonitor Buffer Overflow Vulnerability

Source: VUPEN
Type: UNKNOWN
ADV-2006-1850

Source: MISC
Type: UNKNOWN
http://www.zerodayinitiative.com/advisories/ZDI-06-016.html

Source: XF
Type: UNKNOWN
novell-imonitor-bo(26524)

Source: XF
Type: UNKNOWN
novell-imonitor-bo(26524)

Source: CCN
Type: ZDI-06-016
Novell eDirectory 8.8 NDS Server Buffer Overflow Vulnerability

Vulnerable Configuration:Configuration 1:
  • cpe:/a:novell:edirectory:8.8:*:*:*:*:*:*:*
  • OR cpe:/a:novell:imonitor:2.4:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:novell:edirectory:8.8:*:*:*:*:*:*:*
  • OR cpe:/a:novell:imonitor:2.4:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    novell edirectory 8.8
    novell imonitor 2.4
    novell edirectory 8.8
    novell imonitor 2.4