CVE-2001-1306

Опубликовано: 16 июл. 2001

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

iPlanet Directory Server 4.1.4 and earlier (LDAP) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via invalid BER length of length fields, as demonstrated by the PROTOS LDAPv3 test suite.

Ссылки

ftp://patches.sgi.com/support/free/security/advisories/20011102-01-I
Vendor Advisory
http://www.cert.org/advisories/CA-2001-18.html
Patch
Third Party Advisory
US Government Resource
http://www.ee.oulu.fi/research/ouspg/protos/testing/c06/ldapv3/
http://www.kb.cert.org/vuls/id/276944
Third Party Advisory
US Government Resource
http://www.kb.cert.org/vuls/id/JPLA-4WESMM
US Government Resource
ftp://patches.sgi.com/support/free/security/advisories/20011102-01-I
Vendor Advisory
http://www.cert.org/advisories/CA-2001-18.html
Patch
Third Party Advisory
US Government Resource
http://www.ee.oulu.fi/research/ouspg/protos/testing/c06/ldapv3/
http://www.kb.cert.org/vuls/id/276944
Third Party Advisory
US Government Resource
http://www.kb.cert.org/vuls/id/JPLA-4WESMM
US Government Resource

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:sun:iplanet_directory_server:*:*:*:*:*:*:*:*

Версия до 4.1.4 (включая)

EPSS

Процентиль: 92%

0.08058

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-96j2-xqmw-vjjf

github

больше 3 лет назад