Improper input validation in Fedoraproject 389_directory_server

CVE-2013-4283

ns-slapd in 389 Directory Server before 1.3.0.8 allows remote attackers to cause a denial of service (server crash) via a crafted Distinguished Name (DN) in a MOD operation request.

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.008 (73.6th percentile) — read the EPSS interpretation.

Affected products

Fedoraproject 389_directory_server — versions 1.3.0.2, 1.3.0.3, 1.3.0.4
N/a — versions n/a

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

RHSA-2013:1182 (x_refsource_REDHAT, vendor-advisory)
secalert@redhat.com (x_refsource_CONFIRM, Patch)
54650 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
54586 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
secalert@redhat.com (x_refsource_CONFIRM)