| ID |
CVE-2008-3283
|
| Summary |
Multiple memory leaks in Red Hat Directory Server 7.1 before SP7, Red Hat Directory Server 8, and Fedora Directory Server 1.1.1 and earlier allow remote attackers to cause a denial of service (memory consumption) via vectors involving (1) the authentication / bind phase and (2) anonymous LDAP search requests. |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:a:fedora:directory_server:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:fedora:directory_server:1.1.1:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:directory_server:7.1:sp1:*:*:*:*:*:*
cpe:2.3:a:redhat:directory_server:7.1:sp1:*:*:*:*:*:*
-
cpe:2.3:a:redhat:directory_server:7.1:sp2:*:*:*:*:*:*
cpe:2.3:a:redhat:directory_server:7.1:sp2:*:*:*:*:*:*
-
cpe:2.3:a:redhat:directory_server:7.1:sp3:*:*:*:*:*:*
cpe:2.3:a:redhat:directory_server:7.1:sp3:*:*:*:*:*:*
-
cpe:2.3:a:redhat:directory_server:7.1:sp4:*:*:*:*:*:*
cpe:2.3:a:redhat:directory_server:7.1:sp4:*:*:*:*:*:*
-
cpe:2.3:a:redhat:directory_server:7.1:sp5:*:*:*:*:*:*
cpe:2.3:a:redhat:directory_server:7.1:sp5:*:*:*:*:*:*
-
cpe:2.3:a:redhat:directory_server:7.1:sp6:*:*:*:*:*:*
cpe:2.3:a:redhat:directory_server:7.1:sp6:*:*:*:*:*:*
-
cpe:2.3:a:redhat:directory_server:8.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:directory_server:8.0:*:*:*:*:*:*:*
|
| CVSS |
| Base: | 7.8 (as of 29-09-2017 - 01:31) |
| Impact: | |
| Exploitability: | |
|
| CWE |
CWE-399 |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
LOW |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| NONE |
NONE |
COMPLETE |
|
| cvss-vector
via4
|
AV:N/AC:L/Au:N/C:N/I:N/A:C
|
| oval
via4
|
| accepted | 2015-04-20T04:02:30.681-04:00 | | class | vulnerability | | contributors | | name | Michael Wood | | organization | Hewlett-Packard |
| name | Sushant Kumar Singh | | organization | Hewlett-Packard |
| name | Sushant Kumar Singh | | organization | Hewlett-Packard |
| name | Prashant Kumar | | organization | Hewlett-Packard |
| name | Mike Cokus | | organization | The MITRE Corporation |
| | description | Multiple memory leaks in Red Hat Directory Server 7.1 before SP7, Red Hat Directory Server 8, and Fedora Directory Server 1.1.1 and earlier allow remote attackers to cause a denial of service (memory consumption) via vectors involving (1) the authentication / bind phase and (2) anonymous LDAP search requests. | | family | unix | | id | oval:org.mitre.oval:def:6118 | | status | accepted | | submitted | 2008-09-02T12:41:14.000-04:00 | | title | r Remote Denial of Service (DoS) | | version | 45 |
|
| redhat
via4
|
| advisories | | | rpms | - redhat-ds-0:7.1SP7-14.RHEL3
- redhat-ds-0:7.1SP7-14.RHEL4
- redhat-ds-admin-0:8.0.4-3.el4dsrv
- redhat-ds-admin-0:8.0.4-3.el5dsrv
- redhat-ds-admin-debuginfo-0:8.0.4-3.el4dsrv
- redhat-ds-admin-debuginfo-0:8.0.4-3.el5dsrv
- redhat-ds-base-0:8.0.4-7.el4dsrv
- redhat-ds-base-0:8.0.4-7.el5dsrv
- redhat-ds-base-debuginfo-0:8.0.4-7.el4dsrv
- redhat-ds-base-debuginfo-0:8.0.4-7.el5dsrv
- redhat-ds-base-devel-0:8.0.4-7.el4dsrv
- redhat-ds-base-devel-0:8.0.4-7.el5dsrv
- redhat-ds-base-0:8.0.4-7.el5dsrv
- redhat-ds-base-debuginfo-0:8.0.4-7.el5dsrv
- redhat-ds-base-devel-0:8.0.4-7.el5dsrv
|
|
| refmap
via4
|
| bid | 30872 | | confirm | | | fedora | - FEDORA-2008-7813
- FEDORA-2008-7891
| | hp | | | sectrack | 1020774 | | secunia | - 31565
- 31627
- 31702
- 31867
- 31913
| | vupen | ADV-2008-2480 | | xf | rhds-leaks-dos(44731) |
|
| Last major update |
29-09-2017 - 01:31 |
| Published |
29-08-2008 - 18:41 |
| Last modified |
29-09-2017 - 01:31 |
