Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2012-0833
HistoryJul 03, 2012 - 4:40 p.m.

CVE-2012-0833

2012-07-0316:40:31
CWE-264
[email protected]
web.nvd.nist.gov
8

CVSS2

2.3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:M/Au:S/C:N/I:N/A:P

AI Score

6

Confidence

Low

EPSS

0.002

Percentile

58.8%

JSON

The acllas__handle_group_entry function in servers/plugins/acl/acllas.c in 389 Directory Server before 1.2.10 does not properly handled access control instructions (ACIs) that use certificate groups, which allows remote authenticated LDAP users with a certificate group to cause a denial of service (infinite loop and CPU consumption) by binding to the server.

Affected configurations

Nvd
Node
fedoraproject389_directory_serverRange1.2.10rc1
OR
fedoraproject389_directory_serverMatch1.2.1
OR
fedoraproject389_directory_serverMatch1.2.2
OR
fedoraproject389_directory_serverMatch1.2.3
OR
fedoraproject389_directory_serverMatch1.2.5
OR
fedoraproject389_directory_serverMatch1.2.5rc1
OR
fedoraproject389_directory_serverMatch1.2.5rc2
OR
fedoraproject389_directory_serverMatch1.2.5rc3
OR
fedoraproject389_directory_serverMatch1.2.5rc4
OR
fedoraproject389_directory_serverMatch1.2.6
OR
fedoraproject389_directory_serverMatch1.2.6a2
OR
fedoraproject389_directory_serverMatch1.2.6a3
OR
fedoraproject389_directory_serverMatch1.2.6a4
OR
fedoraproject389_directory_serverMatch1.2.6rc1
OR
fedoraproject389_directory_serverMatch1.2.6rc2
OR
fedoraproject389_directory_serverMatch1.2.6rc3
OR
fedoraproject389_directory_serverMatch1.2.6rc6
OR
fedoraproject389_directory_serverMatch1.2.6rc7
OR
fedoraproject389_directory_serverMatch1.2.6.1
OR
fedoraproject389_directory_serverMatch1.2.7alpha3
OR
fedoraproject389_directory_serverMatch1.2.7.5
OR
fedoraproject389_directory_serverMatch1.2.8alpha1
OR
fedoraproject389_directory_serverMatch1.2.8alpha2
OR
fedoraproject389_directory_serverMatch1.2.8alpha3
OR
fedoraproject389_directory_serverMatch1.2.8rc1
OR
fedoraproject389_directory_serverMatch1.2.8rc2
OR
fedoraproject389_directory_serverMatch1.2.8.1
OR
fedoraproject389_directory_serverMatch1.2.8.2
OR
fedoraproject389_directory_serverMatch1.2.8.3
OR
fedoraproject389_directory_serverMatch1.2.9.9
OR
fedoraproject389_directory_serverMatch1.2.10alpha8
VendorProductVersionCPE
fedoraproject389_directory_server*cpe:2.3:a:fedoraproject:389_directory_server:*:rc1:*:*:*:*:*:*
fedoraproject389_directory_server1.2.1cpe:2.3:a:fedoraproject:389_directory_server:1.2.1:*:*:*:*:*:*:*
fedoraproject389_directory_server1.2.2cpe:2.3:a:fedoraproject:389_directory_server:1.2.2:*:*:*:*:*:*:*
fedoraproject389_directory_server1.2.3cpe:2.3:a:fedoraproject:389_directory_server:1.2.3:*:*:*:*:*:*:*
fedoraproject389_directory_server1.2.5cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:*:*:*:*:*:*:*
fedoraproject389_directory_server1.2.5cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:rc1:*:*:*:*:*:*
fedoraproject389_directory_server1.2.5cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:rc2:*:*:*:*:*:*
fedoraproject389_directory_server1.2.5cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:rc3:*:*:*:*:*:*
fedoraproject389_directory_server1.2.5cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:rc4:*:*:*:*:*:*
fedoraproject389_directory_server1.2.6cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:*:*:*:*:*:*:*
Rows per page:
1-10 of 311

Related

ubuntucve 1
openvas 7
veracode 1
cvelist 1
debiancve 1
prion 1
nessus 9
centos 1
cve 1
redhat 2
oraclelinux 1
freebsd 1
ubuntucve
ubuntucve
CVE-2012-0833
2012-07-03 00:00:00
openvas
openvas
CentOS Update for 389-ds-base CESA-2012:0813 centos6
2012-07-30 00:00:00
Oracle: Security Advisory (ELSA-2012-0813)
2015-10-06 00:00:00
RedHat Update for 389-ds-base RHSA-2012:0813-04
2012-06-22 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:52:28
cvelist
cvelist
CVE-2012-0833
2012-07-03 16:00:00
debiancve
debiancve
CVE-2012-0833
2012-07-03 16:40:31
prion
prion
Code injection
2012-07-03 16:40:00
nessus
nessus
CentOS 6 : 389-ds-base (CESA-2012:0813)
2012-07-11 00:00:00
Oracle Linux 6 : 389-ds-base (ELSA-2012-0813)
2013-07-12 00:00:00
Scientific Linux Security Update : 389-ds-base on SL6.x i386/x86_64 (20120620)
2012-08-01 00:00:00
centos
centos
389 security update
2012-07-10 17:23:02
cve
cve
CVE-2012-0833
2012-07-03 16:40:31
redhat
redhat
(RHSA-2013:0549) Low: Red Hat Directory Server security and bug fix update
2013-02-21 00:00:00
(RHSA-2012:0813) Low: 389-ds-base security, bug fix, and enhancement update
2012-06-20 00:00:00
oraclelinux
oraclelinux
389-ds-base security, bug fix, and enhancement update
2012-06-27 00:00:00
freebsd
freebsd
apache22 -- several vulnerabilities
2012-09-13 00:00:00

CVSS2

2.3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:M/Au:S/C:N/I:N/A:P

AI Score

6

Confidence

Low

EPSS

0.002

Percentile

58.8%

JSON
Related for NVD:CVE-2012-0833
ubuntucve1openvas7veracode1cvelist1debiancve1prion1nessus9centos1cve1redhat2oraclelinux1freebsd1