CVE-2008-2930

Severity

71%

Complexity

86%

Confidentiality

115%

Red Hat Directory Server 7.1 before SP7, Red Hat Directory Server 8, and Fedora Directory Server 1.1.1 allow remote attackers to cause a denial of service (CPU consumption and search outage) via crafted LDAP search requests with patterns, related to a single-threaded regular-expression subsystem.

Red Hat Directory Server 7.1 before SP7, Red Hat Directory Server 8, and Fedora Directory Server 1.1.1 allow remote attackers to cause a denial of service (CPU consumption and search outage) via crafted LDAP search requests with patterns, related to a single-threaded regular-expression subsystem.

CVSS 2.0 Base Score 7.1. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:C).

Overview

First reported 16 years ago

2008-08-29 18:41:00

Last updated 7 years ago

2017-09-29 01:31:00

Affected Software

Red Hat Directory Server 8.0

8.0

References

SSRT080113

31565

31627

31702

31867

1020773

http://www.redhat.com/docs/manuals/dir-server/release-notes/7.1SP7/index.html

Patch

RHSA-2008:0602

RHSA-2008:0858

30871

Patch

ADV-2008-2480

https://bugzilla.redhat.com/show_bug.cgi?id=454065

rhds-ldapsearch-dos(44733)

oval:org.mitre.oval:def:6078

RHSA-2008:0596

FEDORA-2008-7813

FEDORA-2008-7891

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.