NotCVE - vendor:"Red Hat" product:"Directory Server"

4 results (0.003 seconds)

CVSS: 5.7EPSS: 0%CPEs: 7EXPL: 0

CVE-2024-8445 – 389-ds-base: server crash while modifying `userpassword` using malformed input (incomplete fix for cve-2024-2199)

https://notcve.org/view.php?id=CVE-2024-8445

05 Sep 2024 — The fix for CVE-2024-2199 in 389-ds-base was insufficient to cover all scenarios. In certain product versions, an authenticated user may cause a server crash while modifying `userPassword` using malformed input. • https://access.redhat.com/security/cve/CVE-2024-8445 • CWE-20: Improper Input Validation •

CVSS: 6.8EPSS: 0%CPEs: 24EXPL: 0

CVE-2024-5953 – 389-ds-base: malformed userpassword hash may cause denial of service

https://notcve.org/view.php?id=CVE-2024-5953

18 Jun 2024 — A denial of service vulnerability was found in the 389-ds-base LDAP server. This issue may allow an authenticated user to cause a server denial of service while attempting to log in with a user with a malformed hash in their password. Se encontró una vulnerabilidad de denegación de servicio en el servidor LDAP 389-ds-base. Este problema puede permitir que un usuario autenticado provoque una denegación de servicio del servidor al intentar iniciar sesión con un usuario con un hash mal formado en su contraseña... • https://access.redhat.com/errata/RHSA-2024:4633 • CWE-1288: Improper Validation of Consistency within Input •

CVSS: 7.8EPSS: 0%CPEs: 24EXPL: 0

CVE-2024-3657 – 389-ds-base: potential denial of service via specially crafted kerberos as-req request

https://notcve.org/view.php?id=CVE-2024-3657

28 May 2024 — A flaw was found in 389-ds-base. A specially-crafted LDAP query can potentially cause a failure on the directory server, leading to a denial of service Se encontró una falla en 389-ds-base. Una consulta LDAP especialmente manipulada puede causar potencialmente una falla en el servidor de directorio, lo que lleva a una denegación de servicio. • https://access.redhat.com/errata/RHSA-2024:3591 • CWE-20: Improper Input Validation •

CVSS: 5.5EPSS: 0%CPEs: 32EXPL: 0

CVE-2024-1062 – 389-ds-base: a heap overflow leading to denail-of-servce while writing a value larger than 256 chars (in log_entry_attr)

https://notcve.org/view.php?id=CVE-2024-1062

12 Feb 2024 — A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when writing a value larger than 256 chars in log_entry_attr. Se encontró una falla de desbordamiento de búfer de almacenamiento dinámico en 389-ds-base. Este problema provoca una denegación de servicio al escribir un valor superior a 256 caracteres en log_entry_attr. • https://access.redhat.com/errata/RHSA-2024:1074 • CWE-122: Heap-based Buffer Overflow •