Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2017-15134

Опубликовано: 22 янв. 2018
Источник: redhat
CVSS3: 7.5
EPSS Низкий

Описание

A stack buffer overflow flaw was found in the way 389-ds-base 1.3.6.x before 1.3.6.13, 1.3.7.x before 1.3.7.9, 1.4.x before 1.4.0.5 handled certain LDAP search filters. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service.

A stack buffer overflow flaw was found in the way 389-ds-base handled certain LDAP search filters. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6389-ds-baseNot affected
Red Hat Enterprise Linux 7389-ds-baseFixedRHSA-2018:016325.01.2018

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important
Дефект:
CWE-120
https://bugzilla.redhat.com/show_bug.cgi?id=1531573389-ds-base: Remote DoS via search filters in slapi_filter_sprintf in slapd/util.c

EPSS

Процентиль: 82%
0.017
Низкий

7.5 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2017-15134

CVSS3: 7.5
ubuntu
больше 7 лет назад

A stack buffer overflow flaw was found in the way 389-ds-base 1.3.6.x before 1.3.6.13, 1.3.7.x before 1.3.7.9, 1.4.x before 1.4.0.5 handled certain LDAP search filters. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service.

nvd логотип

CVE-2017-15134

CVSS3: 7.5
nvd
больше 7 лет назад

A stack buffer overflow flaw was found in the way 389-ds-base 1.3.6.x before 1.3.6.13, 1.3.7.x before 1.3.7.9, 1.4.x before 1.4.0.5 handled certain LDAP search filters. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service.

debian логотип

CVE-2017-15134

CVSS3: 7.5
debian
больше 7 лет назад

A stack buffer overflow flaw was found in the way 389-ds-base 1.3.6.x ...

github логотип

GHSA-7358-vfr4-6m85

CVSS3: 7.5
github
больше 3 лет назад

A stack buffer overflow flaw was found in the way 389-ds-base 1.3.6.x before 1.3.6.13, 1.3.7.x before 1.3.7.9, 1.4.x before 1.4.0.5 handled certain LDAP search filters. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service.

oracle-oval логотип

ELSA-2018-0163

oracle-oval
почти 8 лет назад

ELSA-2018-0163: 389-ds-base security and bug fix update (IMPORTANT)

EPSS

Процентиль: 82%
0.017
Низкий

7.5 High

CVSS3

Уязвимость CVE-2017-15134