CVE-2018-1089

CWE-122Heap-based Buffer OverflowCWE-119Buffer Overflow9 documents7 sources
Severity
7.5HIGH
EPSS
14.6%
top 5.53%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
6
Fedoraproject 389 Directory ServerUnspecified 389-ds-baseDebian Debian Linux+3 more
Timeline
PublishedMay 9
Latest updateMay 13

Description

389-ds-base before versions 1.4.0.9, 1.3.8.1, 1.3.6.15 did not properly handle long search filters with characters needing escapes, possibly leading to buffer overflows. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages6 packages

Debian389-ds-base< 1.3.8.2-1+2
CVEListV5unspecified/389-ds-base389-ds-base 1.3.6.15, 389-ds-base 1.3.8.1, 389-ds-base 1.4.0.9+2
NVDfedoraproject/389_directory_server1.3.6.01.3.6.15+3

Also affects: Debian Linux 8.0

Patches

Patch: bugzilla.redhat.comPatch: bugzilla.redhat.com

🔴Vulnerability Details

3
GHSA
GHSA-4xv3-w7vq-3g6v: 389-ds-base before versions 12022-05-13
CVEList
CVE-2018-1089: 389-ds-base before versions 12018-05-09
OSV
CVE-2018-1089: 389-ds-base before versions 12018-05-09

📋Vendor Advisories

2
Red Hat
389-ds-base: ns-slapd crash via large filter value in ldapsearch2018-05-07
Debian
CVE-2018-1089: 389-ds-base - 389-ds-base before versions 1.4.0.9, 1.3.8.1, 1.3.6.15 did not properly handle l...2018

💬Community

3
Bugzilla
389-ds-base: Memory exhaustion in ns-slapd can allow an authenticated remote attacker to cause a denial of service2018-06-21
Bugzilla
CVE-2018-1089 389-ds-base: ns-slapd crash via large filter value in ldapsearch [fedora-all]2018-05-07
Bugzilla
CVE-2018-1089 389-ds-base: ns-slapd crash via large filter value in ldapsearch2018-03-23
CVE-2018-1089 (HIGH CVSS 7.5) | 389-ds-base before versions 1.4.0.9 | cvebase.io