CVE-2001-1310

Опубликовано: 16 июл. 2001

Источник: nvd

CVSS2: 7.5

EPSS Средний

Описание

IBM SecureWay 3.2.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, via invalid encodings for the L field of a BER encoding, as demonstrated by the PROTOS LDAPv3 test suite.

Ссылки

http://ciac.llnl.gov/ciac/bulletins/l-116.shtml
Patch
Vendor Advisory
http://www.cert.org/advisories/CA-2001-18.html
Third Party Advisory
US Government Resource
http://www.ee.oulu.fi/research/ouspg/protos/testing/c06/ldapv3/
http://www.kb.cert.org/vuls/id/505564
US Government Resource
http://www.kb.cert.org/vuls/id/CFCR-4YQ33Y
US Government Resource
http://www.securityfocus.com/bid/3040
https://exchange.xforce.ibmcloud.com/vulnerabilities/6894
http://ciac.llnl.gov/ciac/bulletins/l-116.shtml
Patch
Vendor Advisory
http://www.cert.org/advisories/CA-2001-18.html
Third Party Advisory
US Government Resource
http://www.ee.oulu.fi/research/ouspg/protos/testing/c06/ldapv3/
http://www.kb.cert.org/vuls/id/505564
US Government Resource
http://www.kb.cert.org/vuls/id/CFCR-4YQ33Y
US Government Resource
http://www.securityfocus.com/bid/3040
https://exchange.xforce.ibmcloud.com/vulnerabilities/6894

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ibm:secureway_directory:3.2.1:*:*:*:*:*:*:*

EPSS

Процентиль: 93%

0.11547

Средний

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-fwqv-p88w-cxgg

github

больше 3 лет назад