PT-2025-11631 · Unknown+5 · 389-Ds-Base+5

Published: 2025-03-18 · Updated: 2025-12-23 · CVE-2025-2487

CVSS v2.0: 6.8 (Medium)

Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

389-ds-base LDAP Server (affected versions not specified)

Description

A flaw was found in the 389-ds-base LDAP Server. The issue occurs when a Modify DN LDAP operation is issued through the LDAP protocol: the function return value is not tested and a NULL pointer is dereferenced. If a privileged user performs an LDAP MODDN operation after a failed operation, it could lead to a Denial of Service (DoS) or system crash.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

NULL Pointer Dereference

Weakness Enumeration

Related Identifiers

ALSA-2025:4491
ALSA-2025:7395
BDU:2026-00276
CVE-2025-2487
INFSA-2025_4491
INFSA-2025_7395
OESA-2025-1373
OESA-2025-1374
OPENSUSE-SU-2025:14934-1
RHSA-2025:3663
RHSA-2025:3670
RHSA-2025:4491
RHSA-2025:7395
RHSA-2025_4491
RHSA-2025_7395

Affected Products

389-Ds-Base
Almalinux
Debian
Red Hat
Red Os
Rocky Linux