[VIM] ZDI-10-024: Novell eDirectory SOAP Request Parsing Denial of Service Vulnerability
security curmudgeon
jericho at attrition.org
Sat Apr 17 20:10:07 UTC 2010
Hi ZDI,
While trying to match the following advisory to OSVDB and CVE, I noticed
something that I have seen a few times in the past regarding the way ZDI
designates advisory IDs. I'd like to request that published ZDI advisories
be enhanced in a small way to better cross-reference information released
by ZDI. Example:
: ZDI-10-024: Novell eDirectory SOAP Request Parsing Denial of Service Vulnerability
: http://www.zerodayinitiative.com/advisories/ZDI-10-024
: March 2, 2010
: [No CVE]
: http://www.novell.com/support/viewContent.do?externalId=7005341
I am trying to determine if this is the same as CVE-2010-0666 which links
to http://www.novell.com/support/viewContent.do?externalId=3426981
That vendor changelog has the following entry:
EMBOX:
- Security Vulnerability: embox SOAP request causes eDirectory to core [ZDI-CAN-440] (Bug 548503)
Since ZDI-CAN-440 has been published, it no longer appears on your
'upcoming' advisories page. Your published advisories do not reference the
previous ZDI-CAN-### designation. If ZDI could start to include that piece
of information, it would help VDBs in avoiding duplicates should they
create an entry based on an upcoming advisory.
Thanks,
Brian
OSVDB.org
More information about the VIM
mailing list