7.8

CVE-2008-3283

EPSS 7.32%
Published 29.08.2008 18:41:00
Last modified 09.04.2025 00:30:58
Source secalert@redhat.com
Teams watchlist Login
Open Login

Multiple memory leaks in Red Hat Directory Server 7.1 before SP7, Red Hat Directory Server 8, and Fedora Directory Server 1.1.1 and earlier allow remote attackers to cause a denial of service (memory consumption) via vectors involving (1) the authentication / bind phase and (2) anonymous LDAP search requests.

Affected products Warnungen 0 Metrics 2 CWE 0 References 21

Data is provided by the National Vulnerability Database (NVD)

Fedora ≫ Directory Server Version1.1.1

Redhat ≫ Directory Server Version7.1 Updatesp1

Redhat ≫ Directory Server Version7.1 Updatesp2

Redhat ≫ Directory Server Version7.1 Updatesp3

Redhat ≫ Directory Server Version7.1 Updatesp4

Redhat ≫ Directory Server Version7.1 Updatesp5

Redhat ≫ Directory Server Version7.1 Updatesp6

Redhat ≫ Directory Server Version8.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	7.32%	0.908

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.8	10	6.9	AV:N/AC:L/Au:N/C:N/I:N/A:C

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01532861

http://secunia.com/advisories/31565

http://secunia.com/advisories/31702

http://www.redhat.com/docs/manuals/dir-server/release-notes/7.1SP7/index.html

Patch

http://www.vupen.com/english/advisories/2008/2480

https://rhn.redhat.com/errata/RHSA-2008-0596.html

http://secunia.com/advisories/31627

http://secunia.com/advisories/31867

http://www.redhat.com/support/errata/RHSA-2008-0602.html

http://www.redhat.com/support/errata/RHSA-2008-0858.html

https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00521.html

https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00708.html

http://secunia.com/advisories/31913

http://securitytracker.com/id?1020774

http://www.securityfocus.com/bid/30872

Patch

https://bugzilla.redhat.com/show_bug.cgi?id=458977

https://exchange.xforce.ibmcloud.com/vulnerabilities/44731

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6118

https://nvd.nist.gov/vuln/detail/CVE-2008-3283

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-3283

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-3283

EUVD