CVE-2016-0741

CWE-399 CWE-772 CWE-8359 documents7 sources

Severity

7.5HIGH

EPSS

4.0%

top 11.54%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Fedoraproject 389 Directory Server Redhat Enterprise Linux Redhat Enterprise Linux Desktop +3 more

Timeline

PublishedApr 19

Latest updateMay 17

Description

slapd/connection.c in 389 Directory Server (formerly Fedora Directory Server) 1.3.4.x before 1.3.4.7 allows remote attackers to cause a denial of service (infinite loop and connection blocking) by leveraging an abnormally closed connection.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages6 packages

▶NVDfedoraproject/389_directory_server4 versions+3

▶NVDredhat/enterprise_linux_server7.0

▶Debian389-ds-base< 1.3.4.8-1+2

▶NVDredhat/enterprise_linux_desktop7.0

▶NVDredhat/enterprise_linux_hpc_node7.0

Also affects: Enterprise Linux 7.0

Patches

Patch: directory.fedoraproject.org ↗Patch: directory.fedoraproject.org ↗

🔴Vulnerability Details

GHSA

GHSA-hx2c-r32g-8w55: slapd/connection↗2022-05-17

▶

CVEList

CVE-2016-0741: slapd/connection↗2016-04-19

▶

OSV

CVE-2016-0741: slapd/connection↗2016-04-19

▶

📋Vendor Advisories

Red Hat

389-ds-base: worker threads do not detect abnormally closed connections causing DoS↗2016-01-15

▶

Debian

CVE-2016-0741: 389-ds-base - slapd/connection.c in 389 Directory Server (formerly Fedora Directory Server) 1....↗2016

▶

💬Community

Bugzilla

CVE-2016-0741 389-ds-base: Worker threads do not detect abnormally closed connections causing DoS [epel-5]↗2016-01-18

▶

Bugzilla

CVE-2016-0741 389-ds-base: Worker threads do not detect abnormally closed connections causing DoS [fedora-all]↗2016-01-18

▶

Bugzilla

CVE-2016-0741 389-ds-base: worker threads do not detect abnormally closed connections causing DoS↗2016-01-18

▶