PT-2018-3413 · Red Hat+3 · 389-Ds-Base+4

Published

2018-03-06

Updated

2024-06-15

CVE-2018-1054

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions: 389-ds-base versions 1.4.x

Description: An out-of-bounds memory read flaw was found in the way 389-ds-base handled certain LDAP search filters. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service.

Recommendations: For 389-ds-base versions 1.4.x, update to a version that includes a fix for the out-of-bounds memory read flaw to prevent potential denial of service attacks.

Fix

DoS

Out of bounds Read

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125CWE-120

Related Identifiers

ALT-PU-2019-1207

BDU:2020-00801

CESA-2018_0414

CESA-2018_0515

CVE-2018-1054

DLA-1428-1

MGASA-2018-0162

MGASA-2019-0411

OPENSUSE-SU-2024:10593-1

RHSA-2018:0414

RHSA-2018:0515

RHSA-2018_0414

RHSA-2018_0515

SUSE-SU-2019:2155-1

Affected Products

389-Ds-Base

Alt Linux

Centos

Red Hat

Suse

PT-2018-3413 · Red Hat+3 · 389-Ds-Base+4

CVE-2018-1054

Weakness Enumeration

Related Identifiers

Affected Products

References · 51