Unrated severityNVD Advisory· Published Oct 24, 2006· Updated Jun 16, 2026

CVE-2006-4177

Description

Heap-based buffer overflow in the NCP engine in Novell eDirectory before 8.8.1 FTF1 allows remote attackers to execute arbitrary code via a crafted NCP over IP packet that causes NCP to read more data than intended.

Affected products

Novell/Edirectory3 versions
cpe:2.3:a:novell:edirectory:*:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:novell:edirectory:*:*:*:*:*:*:*:*range: <=8.8.1
- cpe:2.3:a:novell:edirectory:8.8:*:*:*:*:*:*:*
- (no CPE)range: <8.8.1 FTF1

Patches

Vulnerability mechanics

References

labs.idefense.com/intelligence/vulnerabilities/display.phpnvdPatchVendor Advisory
secunia.com/advisories/22506nvdPatchVendor Advisory
support.novell.com/cgi-bin/search/searchtid.cginvdPatch
securitytracker.com/idnvd
www.securityfocus.com/bid/20664nvd
www.vupen.com/english/advisories/2006/4142nvd
exchange.xforce.ibmcloud.com/vulnerabilities/29768nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.003
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000