Lucene search

[email protected]NVD:CVE-2014-8182

HistoryJan 02, 2020 - 11:15 p.m.

CVE-2014-8182

2020-01-0223:15:11

CWE-193

[email protected]

web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.281 Low

EPSS

Percentile

96.9%

JSON

An off-by-one error leading to a crash was discovered in openldap 2.4 when processing DNS SRV messages. If slapd was configured to use the dnssrv backend, an attacker could crash the service with crafted DNS responses.

Affected configurations

NVD

Node

openldapopenldapMatch2.4

Node

debiandebian_linuxMatch8.0

debiandebian_linuxMatch9.0

debiandebian_linuxMatch10.0

References

access.redhat.com/security/cve/cve-2014-8182

bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-8182

bugzilla.suse.com/show_bug.cgi?id=CVE-2014-8182

security-tracker.debian.org/tracker/CVE-2014-8182

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.281 Low

EPSS

Percentile

96.9%

JSON

Related for NVD:CVE-2014-8182

veracode1 ubuntucve1 prion1 cvelist1 cve1 debiancve1 nessus5 openvas1 redhat1 centos1