Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2018-14624

Опубликовано: 06 сент. 2018
Источник: nvd
CVSS3: 7.5
CVSS2: 5
EPSS Низкий

Описание

A vulnerability was discovered in 389-ds-base through versions 1.3.7.10, 1.3.8.8 and 1.4.0.16. The lock controlling the error log was not correctly used when re-opening the log file in log__error_emergency(). An attacker could send a flood of modifications to a very large DN, which would cause slapd to crash.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:fedoraproject:389_directory_server:*:*:*:*:*:*:*:*
Версия до 1.3.7.10 (включая)
cpe:2.3:a:fedoraproject:389_directory_server:*:*:*:*:*:*:*:*
Версия от 1.3.8.0 (включая) до 1.3.8.8 (включая)
cpe:2.3:a:fedoraproject:389_directory_server:*:*:*:*:*:*:*:*
Версия от 1.4.0.0 (включая) до 1.4.0.16 (включая)
Конфигурация 2

Одно из

cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
Конфигурация 3
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

EPSS

Процентиль: 80%
0.01478
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-20
CWE-20

Связанные уязвимости

ubuntu логотип

CVE-2018-14624

CVSS3: 7.5
ubuntu
около 7 лет назад

A vulnerability was discovered in 389-ds-base through versions 1.3.7.10, 1.3.8.8 and 1.4.0.16. The lock controlling the error log was not correctly used when re-opening the log file in log__error_emergency(). An attacker could send a flood of modifications to a very large DN, which would cause slapd to crash.

redhat логотип

CVE-2018-14624

CVSS3: 7.5
redhat
около 7 лет назад

A vulnerability was discovered in 389-ds-base through versions 1.3.7.10, 1.3.8.8 and 1.4.0.16. The lock controlling the error log was not correctly used when re-opening the log file in log__error_emergency(). An attacker could send a flood of modifications to a very large DN, which would cause slapd to crash.

debian логотип

CVE-2018-14624

CVSS3: 7.5
debian
около 7 лет назад

A vulnerability was discovered in 389-ds-base through versions 1.3.7.1 ...

github логотип

GHSA-2986-vwq2-p2w6

CVSS3: 7.5
github
больше 3 лет назад

A vulnerability was discovered in 389-ds-base through versions 1.3.7.10, 1.3.8.8 and 1.4.0.16. The lock controlling the error log was not correctly used when re-opening the log file in log__error_emergency(). An attacker could send a flood of modifications to a very large DN, which would cause slapd to crash.

fstec логотип

BDU:2020-02774

CVSS3: 7.5
fstec
около 7 лет назад

Уязвимость функции log__error_emergency() сервера службы каталогов 389 Directory Server, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 80%
0.01478
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-20
CWE-20