7.8
CVE-2015-0283
- EPSS 3.15%
- Veröffentlicht 30.03.2015 14:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
The slapi-nis plug-in before 0.54.2 does not properly reallocate memory when processing user accounts, which allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a request for a (1) group with a large number of members or (2) user that belongs to a large number of groups.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3.15% | 0.863 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 10 | 6.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:C
|
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154314.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/154103.html
http://rhn.redhat.com/errata/RHSA-2015-0728.html
http://www.securityfocus.com/bid/73377
https://bugzilla.redhat.com/show_bug.cgi?id=1195729
https://git.fedorahosted.org/cgit/slapi-nis.git/commit/?id=6573f91c95f7a353ad3bdf2fe95b0c15932aa097