Back to search
CVE-2008-0926
Published: Mar 28, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
The SOAP interface to the eMBox module in Novell eDirectory 8.7.3.9 and earlier, and 8.8.x before 8.8.2, relies on client-side authentication, which allows remote attackers to bypass authentication via requests for /SOAP URIs, and cause a denial of service (daemon shutdown) or read arbitrary files. NOTE: it was later reported that 8.7.3.10 (aka 8.7.3 SP10) is also affected.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
novell-edirectory-embox-unspecified(41426)
vdb-entry
x_refsource_XF
20080505 Novell eDirectory unauthenticated access to SOAP interface
mailing-list
x_refsource_BUGTRAQ
1019691
vdb-entry
x_refsource_SECTRACK
28441
vdb-entry
x_refsource_BID
29527
third-party-advisory
x_refsource_SECUNIA
ADV-2008-0988
vdb-entry
x_refsource_VUPEN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now