PT-2013-4934 · Red Hat+1 · 389 Directory Server+2

Chris Hudson

Published

2013-08-28

Updated

2013-09-11

CVE-2013-4283

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions 389 Directory Server versions prior to 1.3.0.8

Description The issue allows remote attackers to cause a denial of service, resulting in a server crash. This can be achieved by sending a crafted Distinguished Name (DN) in a MOD operation request.

Recommendations For versions prior to 1.3.0.8, update to version 1.3.0.8 or later to resolve the issue.

Fix

DoS

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CESA-2013_1182

CVE-2013-4283

MGASA-2013-0263

RHSA-2013:1182

RHSA-2013_1182

Affected Products

389 Directory Server

Centos

Red Hat

PT-2013-4934 · Red Hat+1 · 389 Directory Server+2

CVE-2013-4283

Weakness Enumeration

Related Identifiers

Affected Products

References · 26