CVE-2006-4520: CVE-2006-4520

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2006-4520

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

ncp in Novell eDirectory before 8.7.3 SP9, and 8.8.x before 8.8.1 FTF2, does not properly handle NCP fragments with a negative length, which allows remote attackers to cause a denial of service (daemon crash) when the heap is written to a log file.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Novell eDirectory NCP碎片长度拒绝服务漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Novell eDirectory是一个的跨平台的目录服务器。 eDirectory产品的NCP功能在处理畸形的碎片请求时存在处理漏洞，远程攻击者可能利用此漏洞导致服务进程崩溃。eDirectory产品的NCP功能如果收到了特制的输入，eDirectory会向其错误日志报告接受到了有无效长度的碎片，错误消息中包含16进制的碎片内容。但如果长度为负数的话，eDirectory就有可能将数据dump到日志中，导致将大量数据保存到日志。一旦到达了堆的末尾，就会触发内存破坏，服务进程会崩溃。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2006-4520

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2006-4520

Please Login to view more intelligence information

http://www.novell.com/support/search.do?cmd=displayKC&docType=kc&externalId=3924657&sliceId=SAL_Publicx_refsource_CONFIRM
http://www.securityfocus.com/bid/23685vdb-entryx_refsource_BID
http://www.securitytracker.com/id?1017972vdb-entryx_refsource_SECTRACK
http://www.vupen.com/english/advisories/2007/1550vdb-entryx_refsource_VUPEN
https://exchange.xforce.ibmcloud.com/vulnerabilities/33921vdb-entryx_refsource_XF
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=518third-party-advisoryx_refsource_IDEFENSE
https://nvd.nist.gov/vuln/detail/CVE-2006-4520

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2006-4520

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2006-4520

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2006-4520

III. Intelligence Information for CVE-2006-4520

IV. Related Vulnerabilities

V. Comments for CVE-2006-4520

Leave a comment