Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2017-2591HistoryApr 30, 2018 - 12:29 p.m.
CVE-2017-2591
2018-04-3012:29:00
Debian Security Bug Tracker
security-tracker.debian.org
7
0.002 Low
EPSS
Percentile
58.9%
389-ds-base before version 1.3.6 is vulnerable to an improperly NULL terminated array in the uniqueness_entry_to_config() function in the “attribute uniqueness” plugin of 389 Directory Server. An authenticated, or possibly unauthenticated, attacker could use this flaw to force an out-of-bound heap memory read, possibly triggering a crash of the LDAP service.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | 389-ds-base | < 1.3.5.15-2 | 389-ds-base_1.3.5.15-2_all.deb |
| Debian | 11 | all | 389-ds-base | < 1.3.5.15-2 | 389-ds-base_1.3.5.15-2_all.deb |
| Debian | 10 | all | 389-ds-base | < 1.3.5.15-2 | 389-ds-base_1.3.5.15-2_all.deb |
| Debian | 999 | all | 389-ds-base | < 1.3.5.15-2 | 389-ds-base_1.3.5.15-2_all.deb |
| Debian | 13 | all | 389-ds-base | < 1.3.5.15-2 | 389-ds-base_1.3.5.15-2_all.deb |
Related
cvelist
cvelist
CVE-2017-2591
2018-04-30 12:00:00
cve
cve
CVE-2017-2591
2018-04-30 12:29:00
openvas
openvas
Mageia: Security Advisory (MGASA-2017-0028)
2022-01-28 00:00:00
Huawei EulerOS: Security Advisory for 389-ds-base (EulerOS-SA-2018-1190)
2020-01-23 00:00:00
ubuntucve
ubuntucve
CVE-2017-2591
2018-04-30 00:00:00
redhatcve
redhatcve
CVE-2017-2591
2017-01-18 15:20:21
prion
prion
Design/Logic Flaw
2018-04-30 12:29:00
mageia
mageia
Updated 389-ds-base packages fix security vulnerability
2017-01-27 23:30:52
nessus
nessus
EulerOS 2.0 SP2 : 389-ds-base (EulerOS-SA-2018-1190)
2018-07-03 00:00:00
openSUSE Security Update : 389-ds (openSUSE-2017-1396)
2017-12-19 00:00:00