CVE-2024-3657

Опубликовано: 28 мая 2024

Источник: debian

Описание

A flaw was found in 389-ds-base. A specially-crafted LDAP query can potentially cause a failure on the directory server, leading to a denial of service

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
389-ds-base	fixed	3.1.1+dfsg1-1		package
389-ds-base	fixed	2.3.1+dfsg1-1+deb12u1	bookworm	package

Примечания

https://bugzilla.redhat.com/show_bug.cgi?id=2274401
https://github.com/389ds/389-ds-base/commit/b1e9acf39d1e1b752e8b4b469f32e17c743ad6f9 (389-ds-base-3.1.1)
https://github.com/389ds/389-ds-base/commit/d8068fd7ef3c0c256b06ca47cfa0e1921d143778 (389-ds-base-2.4.6)

Связанные уязвимости

CVE-2024-3657

CVSS3: 7.5

ubuntu

около 1 года назад

A flaw was found in 389-ds-base. A specially-crafted LDAP query can potentially cause a failure on the directory server, leading to a denial of service

CVE-2024-3657

CVSS3: 7.5

redhat

около 1 года назад

A flaw was found in 389-ds-base. A specially-crafted LDAP query can potentially cause a failure on the directory server, leading to a denial of service

CVE-2024-3657

CVSS3: 7.5

nvd

около 1 года назад

A flaw was found in 389-ds-base. A specially-crafted LDAP query can potentially cause a failure on the directory server, leading to a denial of service

ROS-20240806-17

CVSS3: 7.5

redos

11 месяцев назад

Уязвимость 389-ds-base

BDU:2025-00952

CVSS3: 7.5

fstec

около 1 года назад

Уязвимость сервера службы каталогов 389 Directory Server, связанная с недостаточной проверкой вводимых данных, позволяющая нарушителю вызвать отказ в обслуживании