4.9
CVE-2026-11793
- EPSS 0.28%
- Veröffentlicht 09.06.2026 13:11:40
- Zuletzt bearbeitet 30.06.2026 11:16:28
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
389-ds-base: 389-ds-base: stack buffer overflow in checkprefix() algorithm id parsing
A stack buffer overflow flaw was found in 389 Directory Server. The checkPrefix() function in pw.c copies an attacker-controlled algorithm ID into a 256-byte stack buffer without bounds checking when parsing reversible-encrypted attribute values. An attacker with Directory Manager privileges can crash the LDAP server by storing a crafted credential with an oversized algorithm ID. FORTIFY_SOURCE mitigates this to denial of service only.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Redhat ≫ 389 Directory Server Version-
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.28% | 0.2 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| secalert@redhat.com | 4.9 | 1.2 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
|
CWE-121 Stack-based Buffer Overflow
A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
https://access.redhat.com/security/cve/CVE-2026-11793
https://bugzilla.redhat.com/show_bug.cgi?id=2484914