Published: 29/08/2008 Updated: 29/09/2017

CVSS v2 Base Score: 7.1 | Impact Score: 6.9 | Exploitability Score: 8.6

VMScore: 715

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C

Red Hat Directory Server 7.1 before SP7, Red Hat Directory Server 8, and Fedora Directory Server 1.1.1 allow remote malicious users to cause a denial of service (CPU consumption and search outage) via crafted LDAP search requests with patterns, related to a single-threaded regular-expression subsystem.

Vulnerable Product	Search on Vulmon	Subscribe to Product
redhat directory server 7.1
redhat directory server 8.0
fedora directory server 1.1.1

source: wwwsecurityfocuscom/bid/30871/info Red Hat Directory Server is prone to a denial-of-service vulnerability because the server fails to handle specially crafted search patterns An attacker can exploit this issue to consume CPU resources with one search request, effectively blocking additional search requests from executing Legiti ...

CWE-399 http://www.redhat.com/docs/manuals/dir-server/release-notes/7.1SP7/index.html https://bugzilla.redhat.com/show_bug.cgi?id=454065 https://rhn.redhat.com/errata/RHSA-2008-0596.html http://www.securityfocus.com/bid/30871 http://securitytracker.com/id?1020773 http://www.redhat.com/support/errata/RHSA-2008-0602.html http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01532861 http://secunia.com/advisories/31627 http://secunia.com/advisories/31702 http://secunia.com/advisories/31565 http://www.redhat.com/support/errata/RHSA-2008-0858.html http://secunia.com/advisories/31867 https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00521.html https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00708.html http://www.vupen.com/english/advisories/2008/2480 https://exchange.xforce.ibmcloud.com/vulnerabilities/44733 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6078 https://nvd.nist.gov https://www.exploit-db.com/exploits/32304/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2008-2930

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect