Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2013-4449

Опубликовано: 11 окт. 2013
Источник: redhat
CVSS2: 4.3
EPSS Высокий

Описание

The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not properly count references, which allows remote attackers to cause a denial of service (slapd crash) by unbinding immediately after a search request, which triggers rwm_conn_destroy to free the session context while it is being used by rwm_op_search.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 7openldapNot affected
Red Hat Enterprise Linux 5openldapFixedRHSA-2014:020624.02.2014
Red Hat Enterprise Linux 6openldapFixedRHSA-2014:012603.02.2014

Показывать по

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=1019490openldap: segfault on certain queries with rwm overlay

EPSS

Процентиль: 99%
0.71815
Высокий

4.3 Medium

CVSS2

Связанные уязвимости

ubuntu
больше 11 лет назад

The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not properly count references, which allows remote attackers to cause a denial of service (slapd crash) by unbinding immediately after a search request, which triggers rwm_conn_destroy to free the session context while it is being used by rwm_op_search.

nvd
больше 11 лет назад

The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not properly count references, which allows remote attackers to cause a denial of service (slapd crash) by unbinding immediately after a search request, which triggers rwm_conn_destroy to free the session context while it is being used by rwm_op_search.

debian
больше 11 лет назад

The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not prope ...

github
больше 3 лет назад

The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not properly count references, which allows remote attackers to cause a denial of service (slapd crash) by unbinding immediately after a search request, which triggers rwm_conn_destroy to free the session context while it is being used by rwm_op_search.

oracle-oval
больше 11 лет назад

ELSA-2014-0206: openldap security update (MODERATE)

EPSS

Процентиль: 99%
0.71815
Высокий

4.3 Medium

CVSS2