7.8

CVE-2008-3283

Multiple memory leaks in Red Hat Directory Server 7.1 before SP7, Red Hat Directory Server 8, and Fedora Directory Server 1.1.1 and earlier allow remote attackers to cause a denial of service (memory consumption) via vectors involving (1) the authentication / bind phase and (2) anonymous LDAP search requests.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
FedoraDirectory Server Version1.1.1
RedhatDirectory Server Version7.1 Updatesp1
RedhatDirectory Server Version7.1 Updatesp2
RedhatDirectory Server Version7.1 Updatesp3
RedhatDirectory Server Version7.1 Updatesp4
RedhatDirectory Server Version7.1 Updatesp5
RedhatDirectory Server Version7.1 Updatesp6
RedhatDirectory Server Version8.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.85% 0.849
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 10 6.9
AV:N/AC:L/Au:N/C:N/I:N/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01532861
http://secunia.com/advisories/31565
http://secunia.com/advisories/31702
http://www.redhat.com/docs/manuals/dir-server/release-notes/7.1SP7/index.html
Patch
http://www.vupen.com/english/advisories/2008/2480
https://rhn.redhat.com/errata/RHSA-2008-0596.html
http://secunia.com/advisories/31627
http://secunia.com/advisories/31867
http://www.redhat.com/support/errata/RHSA-2008-0602.html
http://www.redhat.com/support/errata/RHSA-2008-0858.html
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00521.html
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00708.html
http://secunia.com/advisories/31913
http://securitytracker.com/id?1020774
http://www.securityfocus.com/bid/30872
Patch
https://bugzilla.redhat.com/show_bug.cgi?id=458977
https://exchange.xforce.ibmcloud.com/vulnerabilities/44731
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6118