389-ds-base prior to 1.4.0.9, 1.3.8.1, 1.3.6.15 did not properly handle long search filters with characters needing escapes, possibly leading to buffer overflows. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fedoraproject 389 directory server |
||
fedoraproject 389 directory server 1.3.8.2 |
||
fedoraproject 389 directory server 1.3.8.1 |
||
redhat enterprise linux desktop 7.0 |
||
redhat enterprise linux server 7.0 |
||
redhat enterprise linux workstation 7.0 |
||
redhat enterprise linux server 6.0 |
||
redhat enterprise linux workstation 6.0 |
||
redhat enterprise linux desktop 6.0 |
||
debian debian linux 8.0 |