Denial Of Service (DoS)

🗓️ 15 Jan 2019 09:22:04Reported by Veracode Vulnerability DatabaseType

veracode🔗 sca.analysiscenter.veracode.com👁 23 Views

389-ds-base vulnerability to denial of service by remote unauthenticated attacker through buffer overflow with malicious LDAP request

Reporter	Title	Published	Views	Family All 58
Tenable Nessus	Amazon Linux 2 : 389-ds-base (ALAS-2018-1036)	12 Jun 201800:00	–	nessus
Tenable Nessus	Amazon Linux AMI : 389-ds-base (ALAS-2018-1036)	12 Jun 201800:00	–	nessus
Tenable Nessus	CentOS 6 : 389-ds-base (CESA-2018:1364)	10 May 201800:00	–	nessus
Tenable Nessus	CentOS 7 : 389-ds-base (CESA-2018:1380)	31 May 201800:00	–	nessus
Tenable Nessus	Debian DLA-1428-1 : 389-ds-base security update	16 Jul 201800:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP2 : 389-ds-base (EulerOS-SA-2018-1190)	3 Jul 201800:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP3 : 389-ds-base (EulerOS-SA-2018-1191)	3 Jul 201800:00	–	nessus
Tenable Nessus	MiracleLinux 4 : 389-ds-base-1.2.11.15-95.AXS4 (AXSA:2018-3037:03)	19 Jan 202600:00	–	nessus
Tenable Nessus	MiracleLinux 7 : 389-ds-base-1.3.7.5-21.el7 (AXSA:2018-3062:05)	20 Jan 202600:00	–	nessus
Tenable Nessus	NewStart CGSL CORE 5.04 / MAIN 5.04 : 389-ds-base Multiple Vulnerabilities (NS-SA-2019-0038)	12 Aug 201900:00	–	nessus

Vulners

Node

port389 389-ds-baseMatch1.3.7.5_19.el7_5

port389 389-ds-baseMatch1.3.7.5_18.el7

port389 389-ds-baseMatch1.2.11.15_69.el6_7

port389 389-ds-baseMatch1.2.11.15_94.el6_9

port389 389-ds-baseMatch1.2.11.15_47.el6

port389 389-ds-baseMatch1.2.10.2_18.el6_3

port389 389-ds-baseMatch1.2.11.15_85.el6_8

port389 389-ds-baseMatch1.2.11.15_50.el6_6

port389 389-ds-baseMatch1.2.11.15_62.el6_7

port389 389-ds-baseMatch1.2.11.15_48.el6_6

port389 389-ds-baseMatch1.2.11.15_74.el6

port389 389-ds-baseMatch1.2.11.15_22.el6_4

port389 389-ds-baseMatch1.2.9.14_1.el6_2.2

port389 389-ds-baseMatch1.2.11.15_91.el6_9

port389 389-ds-baseMatch1.2.11.15_60.el6

port389 389-ds-baseMatch1.2.11.15_11.el6

port389 389-ds-baseMatch1.2.11.15_12.el6_4

port389 389-ds-baseMatch1.2.10.2_20.el6_3

port389 389-ds-baseMatch1.2.11.15_30.el6_5

port389 389-ds-baseMatch1.2.11.15_84.el6_8

port389 389-ds-baseMatch1.2.11.15_75.el6_8

port389 389-ds-baseMatch1.2.11.15_33.el6_5

port389 389-ds-baseMatch1.2.10.2_15.el6

port389 389-ds-baseMatch1.2.9.14_1.el6

port389 389-ds-baseMatch1.2.8.2_1.el6

port389 389-ds-baseMatch1.2.11.15_46.el6

port389 389-ds-baseMatch1.2.11.15_45.el6

port389 389-ds-baseMatch1.2.11.15_68.el6_7

port389 389-ds-baseMatch1.2.11.15_32.el6_5

port389 389-ds-baseMatch1.2.11.15_20.el6_4

port389 389-ds-baseMatch1.2.8.2_1.el6_1.3

port389 389-ds-baseMatch1.2.11.15_34.el6_5

port389 389-ds-baseMatch1.2.11.15_72.el6_7

port389 389-ds-baseMatch1.2.11.15_89.el6

port389 389-ds-baseMatch1.2.11.15_31.el6_5

port389 389-ds-baseMatch1.2.11.15_14.el6_4

port389 389-ds-baseMatch1.2.11.15_65.el6_7

port389 389-ds-baseMatch1.2.11.15_29.el6

Source	Link
securityfocus	www.securityfocus.com/bid/104137
lists	www.lists.debian.org/debian-lts-announce/2018/07/msg00018.html
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
access	www.access.redhat.com/errata/RHSA-2018:1380
access	www.access.redhat.com/security/updates/classification/
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
bugzilla	www.bugzilla.redhat.com/show_bug.cgi

10 Oct 2019 03:25Current

7.5High risk

Vulners AI Score7.5

CVSS 37.5

CVSS 25

EPSS0.14569