Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2013-0336

Published: 03/11/2014 Updated: 29/08/2017
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Redhat

Vulnerability Summary

The ipapwd_chpwop function in daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c in the directory server (dirsrv) in FreeIPA prior to 3.2.0 allows remote malicious users to cause a denial of service (crash) via a connection request without a username/dn, related to the 389 directory server.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

redhat freeipa 3.1.4

redhat freeipa

redhat freeipa 3.1.2

redhat freeipa 3.1.3

redhat freeipa 3.0.0

redhat freeipa 3.0.1

redhat freeipa 3.0.2

redhat freeipa 3.1.1

Vendor Advisories

Debian CVElist Bug Report Logs: 389-ds-base: CVE-2013-4485: DoS due to improper handling of ger attr searches
Debian Bug report logs - #730115 389-ds-base: CVE-2013-4485: DoS due to improper handling of ger attr searches Package: 389-ds-base; Maintainer for 389-ds-base is Debian FreeIPA Team <pkg-freeipa-devel@alioth-listsdebiannet>; Source for 389-ds-base is src:389-ds-base (PTS, buildd, popcon) Reported by: Salvatore Bonaccorso ...
Debian CVElist Bug Report Logs: CVE-2013-0336
Debian Bug report logs - #704077 CVE-2013-0336 Package: 389-ds; Maintainer for 389-ds is Debian FreeIPA Team <pkg-freeipa-devel@alioth-listsdebiannet>; Source for 389-ds is src:389-ds-base (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@debianorg> Date: Wed, 27 Mar 2013 17:00:02 UTC Severity: grave Tag ...
Debian CVElist Bug Report Logs: 389-ds-base: CVE-2013-2219: ACLs inoperative in some search scenarios
Debian Bug report logs - #718325 389-ds-base: CVE-2013-2219: ACLs inoperative in some search scenarios Package: src:389-ds-base; Maintainer for src:389-ds-base is Debian FreeIPA Team <pkg-freeipa-devel@alioth-listsdebiannet>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 30 Jul 2013 08:36:01 UTC ...
Debian CVElist Bug Report Logs: 389-ds-base: CVE-2013-1897: unintended information exposure when rootdse is enabled
Debian Bug report logs - #704421 389-ds-base: CVE-2013-1897: unintended information exposure when rootdse is enabled Package: 389-ds-base; Maintainer for 389-ds-base is Debian FreeIPA Team <pkg-freeipa-devel@alioth-listsdebiannet>; Source for 389-ds-base is src:389-ds-base (PTS, buildd, popcon) Reported by: Salvatore Bonac ...
Debian CVElist Bug Report Logs: 389-ds-base: CVE-2013-4283
Debian Bug report logs - #721222 389-ds-base: CVE-2013-4283 Package: 389-ds-base; Maintainer for 389-ds-base is Debian FreeIPA Team <pkg-freeipa-devel@alioth-listsdebiannet>; Source for 389-ds-base is src:389-ds-base (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@inutilorg> Date: Thu, 29 Aug 2013 08:42 ...
Red Hat: CVE-2013-0336
The ipapwd_chpwop function in daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extopc in the directory server (dirsrv) in FreeIPA before 320 allows remote attackers to cause a denial of service (crash) via a connection request without a username/dn, related to the 389 directory server ...

References

CWE-20https://git.fedorahosted.org/cgit/freeipa.git/commit/?id=7b45e33400355df44e75576ef7f70a39d163bf8ehttp://secunia.com/advisories/52763https://bugzilla.redhat.com/show_bug.cgi?id=913751http://www.securityfocus.com/bid/58747https://fedorahosted.org/freeipa/ticket/3539https://exchange.xforce.ibmcloud.com/vulnerabilities/83132https://nvd.nist.govhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=730115https://access.redhat.com/security/cve/cve-2013-0336
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38298CVE-2024-20356CVE-2023-21987CVE-2024-33217bypassCVE-2024-31804CVE-2024-32660unauthorizedSSRF
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook