PT-2018-3493 · Red Hat+3 · 389-Ds-Base+4

Cedric Buissart

Published

2018-06-13

Updated

2024-06-15

CVE-2018-10850

CVSS v2.0

7.1

High

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions: 389-ds-base versions prior to 1.4.0.10 389-ds-base versions prior to 1.3.8.3

Description: The issue is caused by errors in synchronization when using a shared resource, potentially allowing a remote attacker to cause a denial of service. An anonymous attacker could exploit this flaw to trigger a crash if the server is under load, resulting in a denial of service.

Recommendations: For versions prior to 1.4.0.10, update to version 1.4.0.10 or later. For versions prior to 1.3.8.3, update to version 1.3.8.3 or later.

Fix

DoS

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-362

Related Identifiers

ALT-PU-2019-1207

BDU:2020-02768

CESA-2018_2757

CVE-2018-10850

DLA-1428-1

MGASA-2018-0404

OPENSUSE-SU-2019:1397-1

OPENSUSE-SU-2019_1397-1

OPENSUSE-SU-2024:10593-1

RHSA-2018:2757

RHSA-2018_2757

SUSE-SU-2019:1207-1

SUSE-SU-2019:1207-2

Affected Products

389-Ds-Base

Alt Linux

Centos

Red Hat

Suse

PT-2018-3493 · Red Hat+3 · 389-Ds-Base+4

CVE-2018-10850

Weakness Enumeration

Related Identifiers

Affected Products

References · 46