Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score 7.5
CVE Id CVE-2008-1677
Last Modified 15 Nov 2008 02:12:00
Published 12 May 2008 12:20:00
Confidentiality Impact PARTIAL
Integrity Impact PARTIAL
Availability Impact PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-1677

Summary

Buffer overflow in the regular expression handler in Red Hat Directory Server 8.0 and 7.1 before SP6 allows remote attackers to cause a denial of service (slapd crash) and possibly execute arbitrary code via a crafted LDAP query that triggers the overflow during translation to a regular expression.

Vulnerable Systems

Application

  • Red Hat Fedora Directory Server 1.1

  • Red Hat Directory Server 7.1

  • Red Hat Directory Server 8.0


References

MISC - https://bugzilla.redhat.com/show_bug.cgi?id=444712

XF - rhds-fedora-expression-bo(42332)

SECTRACK - 1020001

BID - 29126

REDHAT - RHSA-2008:0269

REDHAT - RHSA-2008:0268

SECUNIA - 30185

SECUNIA - 30181


Last Updated: 27 May 2016 10:47:37