CVE-2008-3283

CWE-399CWE-401Memory Leak5 documents5 sources
Severity
7.8HIGH
EPSS
7.3%
top 8.31%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Fedora Directory ServerRedhat Directory Server
Timeline
PublishedAug 29
Latest updateMay 1

Description

Multiple memory leaks in Red Hat Directory Server 7.1 before SP7, Red Hat Directory Server 8, and Fedora Directory Server 1.1.1 and earlier allow remote attackers to cause a denial of service (memory consumption) via vectors involving (1) the authentication / bind phase and (2) anonymous LDAP search requests.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages2 packages

NVDredhat/directory_server7.1, 8.0+1

Patches

Patch: www.redhat.comPatch: www.securityfocus.comPatch: www.redhat.com

🔴Vulnerability Details

2
GHSA
GHSA-vxv8-22w3-3cgm: Multiple memory leaks in Red Hat Directory Server 72022-05-01
CVEList
CVE-2008-3283: Multiple memory leaks in Red Hat Directory Server 72008-08-29

📋Vendor Advisories

1
Red Hat
Server: multiple memory leaks2008-08-27

💬Community

1
Bugzilla
CVE-2008-3283 Directory Server: multiple memory leaks2008-08-13
CVE-2008-3283 (HIGH CVSS 7.8) | Multiple memory leaks in Red Hat Di | cvebase.io