Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2015-1827

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2015-1827
Last Modified 09 Apr 2015 10:00:25
Published 30 Mar 2015 10:59:04
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2015-1827

Summary

The get_user_grouplist function in the extdom plug-in in FreeIPA before 4.1.4 does not properly reallocate when processing user accounts, which allows remote attackers to cause a denial of service (crash) via a group list request for a user that belongs to a large number of groups.

Vulnerable Systems

Application

  • Freeipa 4.1.3


References

CONFIRM - https://fedorahosted.org/freeipa/ticket/4908

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=1205200

REDHAT - RHSA-2015:0728

FEDORA - FEDORA-2015-4788

FEDORA - FEDORA-2015-4747


Last Updated: 27 May 2016 11:08:16