PT-2018-3493 · Red Hat+3 · 389-Ds-Base+4

Cedric Buissart

Publicado

2018-06-13

Atualizado

2024-06-15

CVE-2018-10850

CVSS v2.0

7.1

Alta

Vetor

AV:N/AC:M/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions: 389-ds-base versions prior to 1.4.0.10 389-ds-base versions prior to 1.3.8.3

Description: The issue is caused by errors in synchronization when using a shared resource, potentially allowing a remote attacker to cause a denial of service. An anonymous attacker could exploit this flaw to trigger a crash if the server is under load, resulting in a denial of service.

Recommendations: For versions prior to 1.4.0.10, update to version 1.4.0.10 or later. For versions prior to 1.3.8.3, update to version 1.3.8.3 or later.

Correção

DoS

Race Condition

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-362

Identificadores relacionados

ALT-PU-2019-1207

BDU:2020-02768

CESA-2018_2757

CVE-2018-10850

DLA-1428-1

MGASA-2018-0404

OPENSUSE-SU-2019:1397-1

OPENSUSE-SU-2019_1397-1

OPENSUSE-SU-2024:10593-1

RHSA-2018:2757

RHSA-2018_2757

SUSE-SU-2019:1207-1

SUSE-SU-2019:1207-2

Produtos afetados

389-Ds-Base

Alt Linux

Centos

Red Hat

Suse

PT-2018-3493 · Red Hat+3 · 389-Ds-Base+4

CVE-2018-10850

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 46