QwikSec

Security Database

CVE

CWE

Training

CVE-2022-0918

Published: Mar 16, 2022

Modified: Nov 3, 2025

PUBLISHED

Description

A vulnerability was discovered in the 389 Directory Server that allows an unauthenticated attacker with network access to the LDAP port to cause a denial of service. The denial of service is triggered by a single message sent over a TCP connection, no bind or other authentication is required. The message triggers a segmentation fault that results in slapd crashing.

Vendor	Product	Versions
n/a	389-ds-base	affected `1.4`

References

https://bugzilla.redhat.com/show_bug.cgi?id=2055815

x_refsource_MISC

https://access.redhat.com/security/cve/CVE-2022-0918

x_refsource_MISC

https://github.com/389ds/389-ds-base/issues/5242

issue-tracking

https://lists.debian.org/debian-lts-announce/2023/04/msg00026.html

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.