PT-2024-37471 · Red Hat+6 · 389 Directory Server+7

Robb Gatica

Published

2023-11-21

Updated

2024-09-20

CVE-2024-6237

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:L/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions: 389 Directory Server (affected versions not specified)

Description: A flaw in the 389 Directory Server allows an unauthenticated user to cause a systematic server crash by sending a specific extended search request, leading to a denial of service.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-230

Related Identifiers

ALSA-2024:5192

ALT-PU-2024-11462

BDU:2025-11968

CVE-2024-6237

INFSA-2024_5192

OESA-2024-2166

OPENSUSE-SU-2024:14227-1

RHSA-2024:4997

RHSA-2024:5192

RHSA-2024_5192

RLSA-2024:5192

Affected Products

389 Directory Server

Alt Linux

Almalinux

Astra Linux

Debian

Red Hat

Red Os

Rocky Linux

PT-2024-37471 · Red Hat+6 · 389 Directory Server+7

CVE-2024-6237

Weakness Enumeration

Related Identifiers

Affected Products

References · 39