Improper input validation in Fedoraproject 389_directory_server
CVE-2011-1067
slapd (aka ns-slapd) in 389 Directory Server before 1.2.8.a2 does not properly manage the c_timelimit field of the connection table element, which allows remote attackers to cause a denial of service (daemon outage) via Simple Paged Result…
Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)
EPSS: 0.006 (70.0th percentile) — read the EPSS interpretation.
Affected products
- Fedoraproject 389_directory_server — versions 1.2.1, 1.2.2, 1.2.3
- N/a — versions n/a
Weakness classification (CWE)
References
- 43566 (x_refsource_SECUNIA, third-party-advisory)
- cve@mitre.org (x_refsource_CONFIRM, Patch)
- rhds-simple-paged-dos(65769) (vdb-entry, x_refsource_XF)
- cve@mitre.org (x_refsource_CONFIRM)