Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2018-1054

Опубликовано: 07 мар. 2018
Источник: nvd
CVSS3: 7.5
CVSS2: 5
EPSS Низкий

Описание

An out-of-bounds memory read flaw was found in the way 389-ds-base handled certain LDAP search filters, affecting all versions including 1.4.x. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:fedoraproject:389_directory_server:*:*:*:*:*:*:*:*
Версия до 1.4.0.6 (включая)
Конфигурация 2

Одно из

cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

EPSS

Процентиль: 91%
0.06851
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-120
CWE-125

Связанные уязвимости

ubuntu логотип

CVE-2018-1054

CVSS3: 7.5
ubuntu
больше 7 лет назад

An out-of-bounds memory read flaw was found in the way 389-ds-base handled certain LDAP search filters, affecting all versions including 1.4.x. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service.

redhat логотип

CVE-2018-1054

CVSS3: 7.5
redhat
больше 7 лет назад

An out-of-bounds memory read flaw was found in the way 389-ds-base handled certain LDAP search filters, affecting all versions including 1.4.x. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service.

debian логотип

CVE-2018-1054

CVSS3: 7.5
debian
больше 7 лет назад

An out-of-bounds memory read flaw was found in the way 389-ds-base han ...

github логотип

GHSA-g83g-r7vx-57fv

CVSS3: 7.5
github
больше 3 лет назад

An out-of-bounds memory read flaw was found in the way 389-ds-base handled certain LDAP search filters, affecting all versions including 1.4.x. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service.

fstec логотип

BDU:2020-00801

CVSS3: 7.5
fstec
больше 7 лет назад

Уязвимость сервера службы каталогов 389 Directory Server, вызванная чтением за границами буфера в памяти, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 91%
0.06851
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-120
CWE-125