Buffer overflow

2018-05-0915:29:00

PRIOn knowledge base

www.prio-n.com

7.4 High

AI Score

Confidence

High

0.037 Low

EPSS

Percentile

91.8%

JSON

389-ds-base before versions 1.4.0.9, 1.3.8.1, 1.3.6.15 did not properly handle long search filters with characters needing escapes, possibly leading to buffer overflows. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service.

CPENameOperatorVersion
debian_linuxeq8.0
389_directory_servereq1.3.8.1
389_directory_serverge1.4.0.0
389_directory_serverlt1.4.0.9
389_directory_serverge1.3.6.0
389_directory_serverlt1.3.6.15
389_directory_servereq1.3.8.2
enterprise_linux_desktopeq7.0
enterprise_linux_desktopeq6.0
enterprise_linux_servereq7.0

Name	Operator	Version
debian_linux	eq	8.0
389_directory_server	eq	1.3.8.1
389_directory_server	ge	1.4.0.0
389_directory_server	lt	1.4.0.9
389_directory_server	ge	1.3.6.0
389_directory_server	lt	1.3.6.15
389_directory_server	eq	1.3.8.2
enterprise_linux_desktop	eq	7.0
enterprise_linux_desktop	eq	6.0
enterprise_linux_server	eq	7.0