Vulnerability CVE-2018-10850


Published: 2018-06-13

Description:
389-ds-base before versions 1.4.0.10, 1.3.8.3 is vulnerable to a race condition in the way 389-ds-base handles persistent search, resulting in a crash if the server is under load. An anonymous attacker could use this flaw to trigger a denial of service.

Type:

CWE-362

Vendor: Debian
Product: Debian linux 
Version: 8.0;
Vendor: Redhat
Product: Enterprise linux 
Version: 7.0;
Vendor: Fedoraproject
Product: 389 directory server 
Version:
1.4.0.9
1.4.0.8
1.4.0.7
1.4.0.6
1.4.0.5
1.4.0.4
1.4.0.3
1.4.0.2
1.4.0.1
1.4.0.0
1.3.8.2
1.3.8.1
1.3.7.9
1.3.7.8
1.3.7.7
1.3.7.6
1.3.7.5
1.3.7.4
1.3.7.3
1.3.7.2
1.3.7.10
1.3.7.1
1.3.6.9
1.3.6.8
1.3.6.7
1.3.6.6
1.3.6.5
1.3.6.4
1.3.6.3
1.3.6.2
1.3.6.15
1.3.6.14
1.3.6.13
1.3.6.12
1.3.6.11
1.3.6.10
1.3.6.1
1.3.6.0
1.3.5.4
1.3.5.3
1.3.5.2
1.3.5.19
1.3.5.18
1.3.5.17
1.3.5.16
1.3.5.15
1.3.5.14
1.3.5.13
1.3.4.9
1.3.4.8
1.3.4.5
1.3.4.4
1.3.4.14
1.3.4.1
1.3.4.0
1.3.3.9
1.3.3.8
1.3.3.5
1.3.3.3
1.3.3.2
1.3.3.14
1.3.3.13
1.3.3.12
1.3.3.11
1.3.3.10
1.3.3.0
1.3.2.9
1.3.2.8
1.3.2.7
1.3.2.6
1.3.2.5
1.3.2.4
1.3.2.3
1.3.2.27
1.3.2.26
1.3.2.24
1.3.2.23
1.3.2.22
1.3.2.2
1.3.2.19
1.3.2.16
1.3.2.13
1.3.2.11
1.3.2.10
1.3.1.9
1.3.1.8
1.3.1.7
1.3.1.6
1.3.1.5
1.3.1.4
1.3.1.3
1.3.1.22
1.3.1.2
1.3.1.19
1.3.1.18
1.3.1.17
1.3.1.16
1.3.1.15
See more versions on NVD

CVSS2 => (AV:N/AC:M/Au:N/C:N/I:N/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.1/10
6.9/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Complete

 References:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10850
https://lists.debian.org/debian-lts-announce/2018/07/msg00018.html
https://pagure.io/389-ds-base/c/8f04487f99a
https://pagure.io/389-ds-base/issue/49768

Related CVE
CVE-2018-10871
389-ds-base before versions 1.3.8.5, 1.4.0.12 is vulnerable to a Cleartext Storage of Sensitive Information. By default, when the Replica and/or retroChangeLog plugins are enabled, 389-ds-base stores passwords in plaintext format in their respective ...
CVE-2018-10852
The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD has too wide permissions, which means that anyone who can send a message using the same raw protocol that sudo and SSSD use can read the sudo rules available fo...
CVE-2017-2668
389-ds-base before versions 1.3.5.17 and 1.3.6.10 is vulnerable to an invalid pointer dereference in the way LDAP bind requests are handled. A remote unauthenticated attacker could use this flaw to make ns-slapd crash via a specially crafted LDAP bin...
CVE-2018-10196
NULL pointer dereference vulnerability in the rebuild_vlists function in lib/dotgen/conc.c in the dotgen library in Graphviz 2.40.1 allows remote attackers to cause a denial of service (application crash) via a crafted file.
CVE-2018-1111
DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier are vulnerable to a command injection flaw in the NetworkManager integration script included in the DHCP client. A malicious DHCP server, or an attacker on the local network ab...
CVE-2018-1089
389-ds-base before versions 1.4.0.9, 1.3.8.1, 1.3.6.15 did not properly handle long search filters with characters needing escapes, possibly leading to buffer overflows. A remote, unauthenticated attacker could potentially use this flaw to make ns-sl...
CVE-2011-0704
389 Directory Server 1.2.7.5, when built with mozldap, allows remote attackers to cause a denial of service (replica crash) by sending an empty modify request.
CVE-2013-0159
The fedora-business-cards package before 1-0.1.beta1.fc17 on Fedora 17 and before 1-0.1.beta1.fc18 on Fedora 18 allows local users to cause a denial of service or write to arbitrary files via a symlink attack on /tmp/fedora-business-cards-buffer.svg.

Copyright 2018, cxsecurity.com

 

Back to Top