Lucene search

[email protected]CVE-2001-1308

HistoryJul 16, 2001 - 4:00 a.m.

CVE-2001-1308

2001-07-1604:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2001-1308

iplanet directory server

denial of service

remote attack

protos ldapv3.

7.8 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.074 Low

EPSS

Percentile

94.0%

JSON

Format string vulnerabilities in iPlanet Directory Server 4.1.4 and earlier (LDAP) allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite.

CPENameOperatorVersion
sun:iplanet_directory_serversun iplanet directory serverle4.1.4

CPE	Name	Operator	Version
sun:iplanet_directory_server	sun iplanet directory server	le	4.1.4

References

ftp://patches.sgi.com/support/free/security/advisories/20011102-01-I

ciac.llnl.gov/ciac/bulletins/l-116.shtml

www.cert.org/advisories/CA-2001-18.html

www.ee.oulu.fi/research/ouspg/protos/testing/c06/ldapv3/

www.kb.cert.org/vuls/id/276944

www.kb.cert.org/vuls/id/JPLA-4WESMM

www.securityfocus.com/bid/3039

exchange.xforce.ibmcloud.com/vulnerabilities/6898

7.8 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.074 Low

EPSS

Percentile

94.0%

JSON

Related for CVE-2001-1308

cert1