Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2017-15134

Опубликовано: 01 мар. 2018
Источник: nvd
CVSS3: 7.5
CVSS2: 5
EPSS Низкий

Описание

A stack buffer overflow flaw was found in the way 389-ds-base 1.3.6.x before 1.3.6.13, 1.3.7.x before 1.3.7.9, 1.4.x before 1.4.0.5 handled certain LDAP search filters. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:fedoraproject:389_directory_server:*:*:*:*:*:*:*:*
Версия от 1.3.6.1 (включая) до 1.3.6.13 (исключая)
cpe:2.3:a:fedoraproject:389_directory_server:*:*:*:*:*:*:*:*
Версия от 1.3.7.1 (включая) до 1.3.7.9 (исключая)
cpe:2.3:a:fedoraproject:389_directory_server:*:*:*:*:*:*:*:*
Версия от 1.4.0.0 (включая) до 1.4.0.5 (исключая)
Конфигурация 2

Одно из

cpe:2.3:o:redhat:enterprise_linux:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

EPSS

Процентиль: 82%
0.017
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-120
CWE-119

Связанные уязвимости

ubuntu логотип

CVE-2017-15134

CVSS3: 7.5
ubuntu
больше 7 лет назад

A stack buffer overflow flaw was found in the way 389-ds-base 1.3.6.x before 1.3.6.13, 1.3.7.x before 1.3.7.9, 1.4.x before 1.4.0.5 handled certain LDAP search filters. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service.

redhat логотип

CVE-2017-15134

CVSS3: 7.5
redhat
почти 8 лет назад

A stack buffer overflow flaw was found in the way 389-ds-base 1.3.6.x before 1.3.6.13, 1.3.7.x before 1.3.7.9, 1.4.x before 1.4.0.5 handled certain LDAP search filters. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service.

debian логотип

CVE-2017-15134

CVSS3: 7.5
debian
больше 7 лет назад

A stack buffer overflow flaw was found in the way 389-ds-base 1.3.6.x ...

github логотип

GHSA-7358-vfr4-6m85

CVSS3: 7.5
github
больше 3 лет назад

A stack buffer overflow flaw was found in the way 389-ds-base 1.3.6.x before 1.3.6.13, 1.3.7.x before 1.3.7.9, 1.4.x before 1.4.0.5 handled certain LDAP search filters. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service.

oracle-oval логотип

ELSA-2018-0163

oracle-oval
почти 8 лет назад

ELSA-2018-0163: 389-ds-base security and bug fix update (IMPORTANT)

EPSS

Процентиль: 82%
0.017
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-120
CWE-119
Уязвимость CVE-2017-15134