Vulnerability CVE-2016-0741
Published: 2016-04-19

Description:
slapd/connection.c in 389 Directory Server (formerly Fedora Directory Server) 1.3.4.x before 1.3.4.7 allows remote attackers to cause a denial of service (infinite loop and connection blocking) by leveraging an abnormally closed connection.

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.8/10
6.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Complete
Affected software
Redhat -> Enterprise linux 
Redhat -> Enterprise linux desktop 
Redhat -> Enterprise linux hpc node 
Redhat -> Enterprise linux server 
Redhat -> Enterprise linux workstation 
Fedoraproject -> 389 directory server 

 References:
http://directory.fedoraproject.org/docs/389ds/releases/release-1-3-4-7.html
http://rhn.redhat.com/errata/RHSA-2016-0204.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
http://www.securityfocus.com/bid/82343
https://fedorahosted.org/389/changeset/cd45d032421b0ecf76d8cbb9b1c3aeef7680d9a2/
https://fedorahosted.org/389/ticket/48412
Copyright 2024, cxsecurity.com

 

Back to Top