ID CVE-2017-2668
Summary 389-ds-base before versions 1.3.5.17 and 1.3.6.10 is vulnerable to an invalid pointer dereference in the way LDAP bind requests are handled. A remote unauthenticated attacker could use this flaw to make ns-slapd crash via a specially crafted LDAP bind request, resulting in denial of service.
References
Vulnerable Configurations
  • cpe:2.3:a:fedoraproject:389_directory_server:1.3.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:fedoraproject:389_directory_server:1.3.5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:389_directory_server:1.3.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:fedoraproject:389_directory_server:1.3.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:389_directory_server:1.3.5.3:*:*:*:*:*:*:*
    cpe:2.3:a:fedoraproject:389_directory_server:1.3.5.3:*:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:389_directory_server:1.3.5.4:*:*:*:*:*:*:*
    cpe:2.3:a:fedoraproject:389_directory_server:1.3.5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:389_directory_server:1.3.5.13:*:*:*:*:*:*:*
    cpe:2.3:a:fedoraproject:389_directory_server:1.3.5.13:*:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:389_directory_server:1.3.5.14:*:*:*:*:*:*:*
    cpe:2.3:a:fedoraproject:389_directory_server:1.3.5.14:*:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:389_directory_server:1.3.5.15:*:*:*:*:*:*:*
    cpe:2.3:a:fedoraproject:389_directory_server:1.3.5.15:*:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:389_directory_server:1.3.5.16:*:*:*:*:*:*:*
    cpe:2.3:a:fedoraproject:389_directory_server:1.3.5.16:*:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:389_directory_server:1.3.6.0:*:*:*:*:*:*:*
    cpe:2.3:a:fedoraproject:389_directory_server:1.3.6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:389_directory_server:1.3.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:fedoraproject:389_directory_server:1.3.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:389_directory_server:1.3.6.2:*:*:*:*:*:*:*
    cpe:2.3:a:fedoraproject:389_directory_server:1.3.6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:389_directory_server:1.3.6.3:*:*:*:*:*:*:*
    cpe:2.3:a:fedoraproject:389_directory_server:1.3.6.3:*:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:389_directory_server:1.3.6.4:*:*:*:*:*:*:*
    cpe:2.3:a:fedoraproject:389_directory_server:1.3.6.4:*:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:389_directory_server:1.3.6.5:*:*:*:*:*:*:*
    cpe:2.3:a:fedoraproject:389_directory_server:1.3.6.5:*:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:389_directory_server:1.3.6.6:*:*:*:*:*:*:*
    cpe:2.3:a:fedoraproject:389_directory_server:1.3.6.6:*:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:389_directory_server:1.3.6.7:*:*:*:*:*:*:*
    cpe:2.3:a:fedoraproject:389_directory_server:1.3.6.7:*:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:389_directory_server:1.3.6.8:*:*:*:*:*:*:*
    cpe:2.3:a:fedoraproject:389_directory_server:1.3.6.8:*:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:389_directory_server:1.3.6.9:*:*:*:*:*:*:*
    cpe:2.3:a:fedoraproject:389_directory_server:1.3.6.9:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 09-10-2019 - 23:27)
Impact:
Exploitability:
CWE CWE-476
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:N/A:P
redhat via4
advisories
  • bugzilla
    id 1436575
    title CVE-2017-2668 389-ds-base: Remote crash via crafted LDAP messages
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 6 Client is installed
        oval oval:com.redhat.rhba:tst:20111656001
      • comment Red Hat Enterprise Linux 6 Server is installed
        oval oval:com.redhat.rhba:tst:20111656002
      • comment Red Hat Enterprise Linux 6 Workstation is installed
        oval oval:com.redhat.rhba:tst:20111656003
      • comment Red Hat Enterprise Linux 6 ComputeNode is installed
        oval oval:com.redhat.rhba:tst:20111656004
    • OR
      • AND
        • comment 389-ds-base is earlier than 0:1.2.11.15-91.el6_9
          oval oval:com.redhat.rhsa:tst:20170893009
        • comment 389-ds-base is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20151554010
      • AND
        • comment 389-ds-base-devel is earlier than 0:1.2.11.15-91.el6_9
          oval oval:com.redhat.rhsa:tst:20170893005
        • comment 389-ds-base-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20151554006
      • AND
        • comment 389-ds-base-libs is earlier than 0:1.2.11.15-91.el6_9
          oval oval:com.redhat.rhsa:tst:20170893007
        • comment 389-ds-base-libs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20151554008
    rhsa
    id RHSA-2017:0893
    released 2017-04-11
    severity Important
    title RHSA-2017:0893: 389-ds-base security and bug fix update (Important)
  • bugzilla
    id 1436575
    title CVE-2017-2668 389-ds-base: Remote crash via crafted LDAP messages
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 7 Client is installed
        oval oval:com.redhat.rhba:tst:20150364001
      • comment Red Hat Enterprise Linux 7 Server is installed
        oval oval:com.redhat.rhba:tst:20150364002
      • comment Red Hat Enterprise Linux 7 Workstation is installed
        oval oval:com.redhat.rhba:tst:20150364003
      • comment Red Hat Enterprise Linux 7 ComputeNode is installed
        oval oval:com.redhat.rhba:tst:20150364004
    • OR
      • AND
        • comment 389-ds-base is earlier than 0:1.3.5.10-20.el7_3
          oval oval:com.redhat.rhsa:tst:20170920009
        • comment 389-ds-base is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20151554010
      • AND
        • comment 389-ds-base-devel is earlier than 0:1.3.5.10-20.el7_3
          oval oval:com.redhat.rhsa:tst:20170920011
        • comment 389-ds-base-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20151554006
      • AND
        • comment 389-ds-base-libs is earlier than 0:1.3.5.10-20.el7_3
          oval oval:com.redhat.rhsa:tst:20170920005
        • comment 389-ds-base-libs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20151554008
      • AND
        • comment 389-ds-base-snmp is earlier than 0:1.3.5.10-20.el7_3
          oval oval:com.redhat.rhsa:tst:20170920007
        • comment 389-ds-base-snmp is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20162594010
    rhsa
    id RHSA-2017:0920
    released 2017-04-12
    severity Important
    title RHSA-2017:0920: 389-ds-base security and bug fix update (Important)
rpms
  • 389-ds-base-0:1.2.11.15-91.el6_9
  • 389-ds-base-devel-0:1.2.11.15-91.el6_9
  • 389-ds-base-libs-0:1.2.11.15-91.el6_9
  • 389-ds-base-0:1.3.5.10-20.el7_3
  • 389-ds-base-devel-0:1.3.5.10-20.el7_3
  • 389-ds-base-libs-0:1.3.5.10-20.el7_3
  • 389-ds-base-snmp-0:1.3.5.10-20.el7_3
refmap via4
bid 97524
confirm
Last major update 09-10-2019 - 23:27
Published 22-06-2018 - 13:29
Back to Top