[Forgot Password]
Login  Register Subscribe

24003

 
 

131573

 
 

108684

 
 

909

 
 

85446

 
 

134

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML view JSON

CVE-2018-1089Date: (C)2018-05-10   (M)2018-06-12


389-ds-base before versions 1.4.0.9, 1.3.8.1, 1.3.6.15 did not properly handle long search filters with characters needing escapes, possibly leading to buffer overflows. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : CVSS Score :
Exploit Score: Exploit Score:
Impact Score: Impact Score:
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: Access Vector:
Attack Complexity: Access Complexity:
Privileges Required: Authentication:
User Interaction: Confidentiality:
Scope: Integrity:
Confidentiality: Availability:
Integrity:  
Availability:  
  
Reference:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1089

OVAL    8
oval:org.secpod.oval:def:204797
oval:org.secpod.oval:def:502288
oval:org.secpod.oval:def:502291
oval:org.secpod.oval:def:1502209
...

© SecPod Technologies