56 matches found
SUSE CVE-2022-2850
A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. This CVE is assigned against an incomplete fix ...
389-ds-base: SIGSEGV in sync_repl
A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service...
389-ds-base: SIGSEGV in sync_repl
A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service...
Amazon Linux 2 : 389-ds-base (ALAS-2022-1879)
The version of 389-ds-base installed on the remote host is prior to 1.3.10.2-17. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2022-1879 advisory. A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL...
Medium: 389-ds-base
Issue Overview: A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. CVE-2022-2850 Affected Packages...
389-ds-base: SIGSEGV in sync_repl
A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service...
AlmaLinux 9 : 389-ds-base (ALSA-2022:8162)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:8162 advisory. - A vulnerability was discovered in the 389 Directory Server that allows an unauthenticated attacker with network access to the LDAP port to cause a denia...
Rocky Linux 8 : 389-ds:1.4 (RLSA-2022:7133)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:7133 advisory. - A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a special...
389-ds-base: SIGSEGV in sync_repl
A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service...
Denial Of Service (DoS)
389-ds-base is vulnerable to Denial Of Service DoS. The vulnerability exists when the content synchronization plugin is enabled, allowing an attacker crash the application through the null pointer dereference by providing a maliciously crafted query...
AlmaLinux 8 : 389-ds:1.4 (ALSA-2022:7133)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:7133 advisory. 389-ds-base: SIGSEGV in syncrepl CVE-2022-2850 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note that Nessu...
Oracle Linux 8 : 389-ds:1.4 (ELSA-2022-7133)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-7133 advisory. 1.4.3.28-8 - Bump version to 1.4.3.28-8 - Resolves: Bug 2131743 - SIGSEGV in syncrepl Tenable has extracted the preceding description block directly from the...
389-ds-base: SIGSEGV in sync_repl
A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service...
389-ds-base: SIGSEGV in sync_repl
A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service...
CVE-2022-2850
A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. This CVE is assigned against an incomplete fix ...
CVE-2022-2850
A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. This CVE is assigned against an incomplete fix ...
DEBIAN-CVE-2022-2850
A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. This CVE is assigned against an incomplete fix ...
CVE-2022-2850
A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. This CVE is assigned against an incomplete fix ...
UBUNTU-CVE-2022-2850
A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. This CVE is assigned against an incomplete fix ...
CVE-2022-2850
Summary: CVE-2022-2850 affects 389-ds-base where the Content Synchronization plugin, when enabled, allows an authenticated user to trigger a NULL pointer dereference and cause a denial of service. This entry is tied to an incomplete fix for CVE-2021-3514. What’s affected (from connected docs): 38...