Описание
dhost.exe in Novell eDirectory 8.7.3 before sp10 and 8.8.2 allows remote attackers to cause a denial of service (CPU consumption) via an HTTP request with (1) multiple Connection headers or (2) a Connection header with multiple comma-separated values. NOTE: this might be similar to CVE-2008-1777.
Ссылки
- Third Party Advisory
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1Версия до 8.7.3.9 (включая)Версия от 8.8 (включая) до 8.8.2 (исключая)
Одновременно
Одно из
cpe:2.3:a:novell:edirectory:*:*:*:*:*:*:*:*
cpe:2.3:a:novell:edirectory:*:*:*:*:*:*:*:*
Одно из
cpe:2.3:o:microsoft:windows-nt:2000:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:2003:*:*:*:*:*:*:*
EPSS
Процентиль: 99%
0.77052
Высокий
5 Medium
CVSS2
Дефекты
CWE-399
Связанные уязвимости
github
почти 4 года назад
dhost.exe in Novell eDirectory 8.7.3 before sp10 and 8.8.2 allows remote attackers to cause a denial of service (CPU consumption) via an HTTP request with (1) multiple Connection headers or (2) a Connection header with multiple comma-separated values. NOTE: this might be similar to CVE-2008-1777.
EPSS
Процентиль: 99%
0.77052
Высокий
5 Medium
CVSS2
Дефекты
CWE-399