Back to search
CVE-2018-1054
Published: Mar 7, 2018
Modified: Sep 17, 2024
PUBLISHED
Description
An out-of-bounds memory read flaw was found in the way 389-ds-base handled certain LDAP search filters, affecting all versions including 1.4.x. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service.
| Vendor | Product | Versions |
|---|---|---|
Red Hat, Inc. | 389-ds-base | affected all versions including upstream 1.4.x |
Weaknesses (CWE)
References
https://pagure.io/389-ds-base/issue/49545
x_refsource_CONFIRM
https://bugzilla.redhat.com/show_bug.cgi?id=1537314
x_refsource_CONFIRM
RHSA-2018:0414
vendor-advisory
x_refsource_REDHAT
RHSA-2018:0515
vendor-advisory
x_refsource_REDHAT
[debian-lts-announce] 20180715 [SECURITY] [DLA 1428-1] 389-ds-base security update
mailing-list
x_refsource_MLIST
103228
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now