Lucene search
K

2238 matches found

RedHat Linux
RedHat Linux
added 4 days ago10 views

389-ds-base: 389-ds-base: integer overflow in SASL packet length bypasses size limit leading to heap buffer overflow

An integer overflow flaw was found in the SASL I/O layer of 389 Directory Server 389-ds-base. In sasliostartpacket, adding sizeofuint32t to a crafted SASL packet length prefix of 0xFFFFFFFC causes unsigned wraparound to zero, bypassing the nsslapd-maxsasliosize limit and leading to a heap buffer...

7.6CVSS6.2AI score0.0067EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 4 days ago10 views

Important: Red Hat Security Advisory: 389-ds-base security update

An update for 389-ds-base is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

8.8CVSS6.2AI score0.0067EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 4 days ago9 views

389-ds-base: 389-ds-base: Heap buffer overflow in sasl_io_recv() via padded SASL UNBIND

A heap buffer overflow flaw was found in the SASL I/O layer of 389 Directory Server 389-ds-base. After a successful SASL bind with integrity protection SSF 0, an authenticated attacker can send a specially crafted oversized LDAP UNBIND packet that is copied into a 512-byte heap receive buffer...

8.8CVSS6.1AI score0.00627EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 4 days ago10 views

389-ds-base: 389-ds-base: Heap buffer overflow in sasl_io_recv() via padded SASL UNBIND

A heap buffer overflow flaw was found in the SASL I/O layer of 389 Directory Server 389-ds-base. After a successful SASL bind with integrity protection SSF 0, an authenticated attacker can send a specially crafted oversized LDAP UNBIND packet that is copied into a 512-byte heap receive buffer...

8.8CVSS6.1AI score0.00627EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 4 days ago12 views

389-ds-base: 389-ds-base: integer overflow in SASL packet length bypasses size limit leading to heap buffer overflow

An integer overflow flaw was found in the SASL I/O layer of 389 Directory Server 389-ds-base. In sasliostartpacket, adding sizeofuint32t to a crafted SASL packet length prefix of 0xFFFFFFFC causes unsigned wraparound to zero, bypassing the nsslapd-maxsasliosize limit and leading to a heap buffer...

7.6CVSS6.2AI score0.0067EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 4 days ago13 views

Important: Red Hat Security Advisory: 389-ds:1.4 security update

An update for the 389-ds:1.4 module is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerabili...

8.8CVSS6.2AI score0.0067EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 4 days ago9 views

389-ds-base: 389-ds-base: integer overflow in SASL packet length bypasses size limit leading to heap buffer overflow

An integer overflow flaw was found in the SASL I/O layer of 389 Directory Server 389-ds-base. In sasliostartpacket, adding sizeofuint32t to a crafted SASL packet length prefix of 0xFFFFFFFC causes unsigned wraparound to zero, bypassing the nsslapd-maxsasliosize limit and leading to a heap buffer...

7.6CVSS6.2AI score0.0067EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 4 days ago9 views

389-ds-base: 389-ds-base: Heap buffer overflow in sasl_io_recv() via padded SASL UNBIND

A heap buffer overflow flaw was found in the SASL I/O layer of 389 Directory Server 389-ds-base. After a successful SASL bind with integrity protection SSF 0, an authenticated attacker can send a specially crafted oversized LDAP UNBIND packet that is copied into a 512-byte heap receive buffer...

8.8CVSS6.1AI score0.00627EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 4 days ago5 views

Important: Red Hat Security Advisory: redhat-ds:11 security update

An update for the redhat-ds:11 module is now available for Red Hat Directory Server 11.9 for RHEL 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

8.8CVSS6AI score0.0067EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 4 days ago4 views

389-ds-base: 389-ds-base: integer overflow in SASL packet length bypasses size limit leading to heap buffer overflow

An integer overflow flaw was found in the SASL I/O layer of 389 Directory Server 389-ds-base. In sasliostartpacket, adding sizeofuint32t to a crafted SASL packet length prefix of 0xFFFFFFFC causes unsigned wraparound to zero, bypassing the nsslapd-maxsasliosize limit and leading to a heap buffer...

7.6CVSS6.2AI score0.0067EPSS
Exploits0References5
NVD
NVD
added 4 days ago18 views

CVE-2026-11610

A heap buffer overflow flaw was found in the SASL I/O layer of 389 Directory Server 389-ds-base. After a successful SASL bind with integrity protection SSF 0, an authenticated attacker can send a specially crafted oversized LDAP UNBIND packet that is copied into a 512-byte heap receive buffer...

8.8CVSS0.00627EPSS
Exploits0References19
Cvelist
Cvelist
added 4 days ago29 views

CVE-2026-11610 389-ds-base: 389-ds-base: heap buffer overflow in sasl_io_recv() via padded sasl unbind

A heap buffer overflow flaw was found in the SASL I/O layer of 389 Directory Server 389-ds-base. After a successful SASL bind with integrity protection SSF 0, an authenticated attacker can send a specially crafted oversized LDAP UNBIND packet that is copied into a 512-byte heap receive buffer...

8.8CVSS0.00627EPSS
Exploits0References19
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-42026

A heap buffer overflow flaw was found in the SASL I/O layer of 389 Directory Server 389-ds-base. After a successful SASL bind with integrity protection SSF 0, an authenticated attacker can send a specially crafted oversized LDAP UNBIND packet that is copied into a 512-byte heap receive buffer...

8.8CVSS6.1AI score0.00627EPSS
Exploits0References14
Vulnrichment
Vulnrichment
added 4 days ago3 views

CVE-2026-11610 389-ds-base: 389-ds-base: heap buffer overflow in sasl_io_recv() via padded sasl unbind

A heap buffer overflow flaw was found in the SASL I/O layer of 389 Directory Server 389-ds-base. After a successful SASL bind with integrity protection SSF 0, an authenticated attacker can send a specially crafted oversized LDAP UNBIND packet that is copied into a 512-byte heap receive buffer...

8.8CVSS6.1AI score0.00627EPSS
Exploits0References19
CVE
CVE
added 4 days ago13 views

CVE-2026-11610

CVE-2026-11610 affects 389-ds-base (389 Directory Server) in the SASL I/O layer. The flaw is a heap buffer overflow in sasl_io_recv() (sasl_io.c) that occurs after a successful SASL bind with integrity protection (SSF > 0). An authenticated attacker can send a crafted oversized LDAP UNBIND pac...

8.8CVSS6.1AI score0.00627EPSS
Exploits0References19
ATTACKERKB
ATTACKERKB
added 4 days ago7 views

CVE-2026-11610

A heap buffer overflow flaw was found in the SASL I/O layer of 389 Directory Server 389-ds-base. After a successful SASL bind with integrity protection SSF 0, an authenticated attacker can send a specially crafted oversized LDAP UNBIND packet that is copied into a 512-byte heap receive buffer...

8.8CVSS6.1AI score0.00627EPSS
Exploits0References20Affected Software1
RedhatCVE
RedhatCVE
added 4 days ago5 views

CVE-2026-11610

A heap buffer overflow flaw was found in the SASL I/O layer of 389 Directory Server 389-ds-base. After a successful SASL bind with integrity protection SSF 0, an authenticated attacker can send a specially crafted oversized LDAP UNBIND packet that is copied into a 512-byte heap receive buffer...

8.8CVSS6.1AI score0.00627EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 4 days ago7 views

PT-2026-56170

Name of the Vulnerable Software and Affected Versions 389 Directory Server 389-ds-base versions 1.3.2 through 11.12.4 Update1 389 Directory Server 389-ds-base versions 12.0 through 12.12 389 Directory Server 389-ds-base versions 2025.1 through 2026.2 Description A heap buffer overflow exists in t...

8.8CVSS6.1AI score0.00627EPSS
Exploits0References20
Tenable Nessus
Tenable Nessus
added 4 days ago6 views

Linux Distros Unpatched Vulnerability : CVE-2026-14940

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap-buffer-overflow flaw was found in 389 Directory Server 389-ds-base. When normalizing a Distinguished Name DN that contains a legacy-quoted value encoding...

5.3CVSS6.1AI score0.00294EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 4 days ago7 views

Linux Distros Unpatched Vulnerability : CVE-2026-11610

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap buffer overflow flaw was found in the SASL I/O layer of 389 Directory Server 389-ds-base. After a successful SASL bind with integrity protection SSF 0, a...

8.8CVSS6.2AI score0.01038EPSS
Exploits0References4
Rows per page
Query Builder