CVE-2001-1308

Опубликовано: 16 июл. 2001

Источник: nvd

CVSS2: 7.5

EPSS Средний

Описание

Format string vulnerabilities in iPlanet Directory Server 4.1.4 and earlier (LDAP) allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite.

Ссылки

ftp://patches.sgi.com/support/free/security/advisories/20011102-01-I
Patch
Vendor Advisory
http://ciac.llnl.gov/ciac/bulletins/l-116.shtml
http://www.cert.org/advisories/CA-2001-18.html
Third Party Advisory
US Government Resource
http://www.ee.oulu.fi/research/ouspg/protos/testing/c06/ldapv3/
http://www.kb.cert.org/vuls/id/276944
US Government Resource
http://www.kb.cert.org/vuls/id/JPLA-4WESMM
US Government Resource
http://www.securityfocus.com/bid/3039
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/6898
ftp://patches.sgi.com/support/free/security/advisories/20011102-01-I
Patch
Vendor Advisory
http://ciac.llnl.gov/ciac/bulletins/l-116.shtml
http://www.cert.org/advisories/CA-2001-18.html
Third Party Advisory
US Government Resource
http://www.ee.oulu.fi/research/ouspg/protos/testing/c06/ldapv3/
http://www.kb.cert.org/vuls/id/276944
US Government Resource
http://www.kb.cert.org/vuls/id/JPLA-4WESMM
US Government Resource
http://www.securityfocus.com/bid/3039
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/6898

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:sun:iplanet_directory_server:*:*:*:*:*:*:*:*

Версия до 4.1.4 (включая)

EPSS

Процентиль: 95%

0.17524

Средний

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-rxrv-567j-wwfc

github

больше 3 лет назад