Denial of Service Vulnerability in 389 Directory Server by Red Hat
CVE-2011-0704

5.9MEDIUM

Key Information:

Vendor: Fedoraproject
Status: 389 Directory Server
Vendor: CVE Published:; 4 May 2018

Summary

An issue in the 389 Directory Server version 1.2.7.5, when compiled with mozldap, allows remote attackers to initiate a denial of service by sending an empty modify request. This can result in the server replica crashing, leading to potential downtime and disruption of services. Organizations using this version should take immediate steps to apply necessary patches or updates to mitigate this vulnerability.

References

https://bugzilla.redhat.com/show_bug.cgi?id=675320

x_refsource_CONFIRM

https://bugzilla.redhat.com/show_bug.cgi?id=676876

x_refsource_CONFIRM

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 4, 2018
Vulnerability Reserved
Jan 31, 2011