CVE-2013-4485
published 2013-11-23CVE-2013-4485: 389 Directory Server 1.2.11.15 (aka Red Hat Directory Server before 8.2.11-14) allows remote authenticated users to cause a denial of service (crash) via…
medium4CVSS 3.1
AVNACLAuSCNINAP
389 Directory Server 1.2.11.15 (aka Red Hat Directory Server before 8.2.11-14) allows remote authenticated users to cause a denial of service (crash) via multiple @ characters in a GER attribute list in a search request.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | 389-ds-base | < 389-ds-base 1.3.2.9-1 (bookworm) | 389-ds-base 1.3.2.9-1 (bookworm) |
| fedoraproject | 389_directory_server | — | — |
| port389 | 389-ds-base | >= 0 < 1.3.2.9-1 | 1.3.2.9-1 |
| port389 | 389-ds-base | >= 0 < 1.3.2.9-1 | 1.3.2.9-1 |
| port389 | 389-ds-base | >= 0 < 1.3.2.9-1 | 1.3.2.9-1 |
| redhat | directory_server | <= 8.2 | — |
| redhat | directory_server | — | — |
| redhat | directory_server | — | — |
| redhat | directory_server | — | — |
| redhat | enterprise_linux | — | — |
CVSS provenance
nvd4.0MEDIUMAV:N/AC:L/Au:S/C:N/I:N/A:P
osv4.0MEDIUM