|Max CVSS||7.8||Min CVSS||4.3||Total Count||8|
|ID||CVSS||Summary||Last (major) update||Published|
A flaw was found in 389 Directory Server. A specially crafted search query could lead to excessive CPU consumption in the do_search() function. An unauthenticated attacker could use this flaw to provoke a denial of service.
|28-09-2018 - 09:29||28-09-2018 - 09:29|
A flaw was found in 389-ds-base before version 220.127.116.11-13. The process ns-slapd crashes in delete_passwdPolicy function when persistent search connections are terminated unexpectedly leading to remote denial of service.
|14-09-2018 - 15:29||14-09-2018 - 15:29|
389-ds-base before versions 18.104.22.168 and 22.214.171.124 is vulnerable to an invalid pointer dereference in the way LDAP bind requests are handled. A remote unauthenticated attacker could use this flaw to make ns-slapd crash via a specially crafted LDAP bin
|22-06-2018 - 09:29||22-06-2018 - 09:29|
389-ds-base before versions 126.96.36.199, 188.8.131.52, 184.108.40.206 did not properly handle long search filters with characters needing escapes, possibly leading to buffer overflows. A remote, unauthenticated attacker could potentially use this flaw to make ns-sl
|09-05-2018 - 11:29||09-05-2018 - 11:29|
An out-of-bounds memory read flaw was found in the way 389-ds-base handled certain LDAP search filters, affecting all versions including 1.4.x. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially
|07-03-2018 - 08:29||07-03-2018 - 08:29|
A stack buffer overflow flaw was found in the way 389-ds-base 1.3.6.x before 220.127.116.11, 1.3.7.x before 18.104.22.168, 1.4.x before 22.214.171.124 handled certain LDAP search filters. A remote, unauthenticated attacker could potentially use this flaw to make ns-sla
|01-03-2018 - 17:29||01-03-2018 - 17:29|
389-ds-base version before 126.96.36.199 and 188.8.131.52 are vulnerable to password brute-force attacks during account lockout due to different return codes returned on password attempts.
|16-08-2017 - 14:29||16-08-2017 - 14:29|
389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to read the
|08-06-2017 - 15:29||08-06-2017 - 15:29|