What the vulnerability does

01Description

An out-of-bounds memory read flaw was found in the way 389-ds-base handled certain LDAP search filters, affecting all versions including 1.4.x. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service.

Key dates

02Disclosure timeline

March 7, 2018 CVE published
September 17, 2024 Record updated