CVE-2018-1089
09.05.2018, 15:29
389-ds-base before versions 1.4.0.9, 1.3.8.1, 1.3.6.15 did not properly handle long search filters with characters needing escapes, possibly leading to buffer overflows. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service.Enginsight
| Vendor | Product | Version |
|---|---|---|
| fedoraproject | 389_directory_server | 1.3.6.0 ≤ 𝑥 < 1.3.6.15 |
| fedoraproject | 389_directory_server | 1.4.0.0 ≤ 𝑥 < 1.4.0.9 |
| fedoraproject | 389_directory_server | 1.3.8.1 |
| fedoraproject | 389_directory_server | 1.3.8.2 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| debian | debian_linux | 8.0 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Common Weakness Enumeration
- CWE-122 - Heap-based Buffer OverflowA heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory BufferThe software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.
References