PT-2008-4368 · Red Hat+2 · Red Hat Directory Server+2

Ulf Weltman · Published 2008-08-29 · Updated 2017-09-29 · CVE-2008-2930

CVSS v2.0: 7.1 (High)
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

Red Hat Directory Server versions 7.1 before SP7
Red Hat Directory Server version 8
Fedora Directory Server version 1.1.1

Description

The issue allows remote attackers to cause a denial of service, resulting in CPU consumption and search outage, via crafted LDAP search requests with patterns. This is related to a single-threaded regular-expression subsystem.

Recommendations

For Red Hat Directory Server versions 7.1 before SP7, update to SP7 or later to resolve the issue.
For Red Hat Directory Server version 8, consider restricting access to the LDAP search functionality until a patch is available.
For Fedora Directory Server version 1.1.1, restrict access to the vulnerable regular-expression subsystem to minimize the risk of exploitation.

Exploit

Fix

DoS

Weakness Enumeration

Related Identifiers

CVE-2008-2930
HPSBUX02354
RHSA-2008:0596
RHSA-2008:0602
RHSA-2008:0858

Affected Products

Fedora Directory Server
Hp-Ux
Red Hat Directory Server