CVE-2008-2930

Red Hat Directory Server 7.1 < SP7, 8 & Fedora Directory Server 1.1.1 - DoS via LDAP Requests

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-2930. PoCs published by Ulf Weltman.

AI-analyzed exploit summary The provided text describes a denial-of-service vulnerability in Red Hat Directory Server versions 7.1 and 8, where specially crafted search patterns can consume CPU resources. No actual exploit code is present, only a vulnerability description and CVSS vectors.

Description

Red Hat Directory Server 7.1 before SP7, Red Hat Directory Server 8, and Fedora Directory Server 1.1.1 allow remote attackers to cause a denial of service (CPU consumption and search outage) via crafted LDAP search requests with patterns, related to a single-threaded regular-expression subsystem.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Ulf Weltman · textdoslinux

https://www.exploit-db.com/exploits/32304

View Code ZIP pw:eip

The provided text describes a denial-of-service vulnerability in Red Hat Directory Server versions 7.1 and 8, where specially crafted search patterns can consume CPU resources. No actual exploit code is present, only a vulnerability description and CVSS vectors.

Classification

Writeup 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Theoretical

Target: Red Hat Directory Server 7.1, 8

No auth needed

Prerequisites: Network access to the target server

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (17)

Core 17

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/44733

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6078

Vendor Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2008-0602.html

Vendor Advisory vendor-advisory x_refsource_hp

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01532861

Patch x_refsource_confirm

http://www.redhat.com/docs/manuals/dir-server/release-notes/7.1SP7/index.html

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/31702

Vendor Advisory vendor-advisory x_refsource_redhat

https://rhn.redhat.com/errata/RHSA-2008-0596.html

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/31867

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2008/2480

Patch vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/30871

Vendor Advisory vendor-advisory x_refsource_fedora

https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00708.html

Vendor Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2008-0858.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1020773

Issue Tracking x_refsource_confirm

https://bugzilla.redhat.com/show_bug.cgi?id=454065

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/31565

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/31627

Vendor Advisory vendor-advisory x_refsource_fedora

https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00521.html

Scores

EPSS 0.1523

EPSS Percentile 94.7%

Details

CWE

CWE-399

Status published

Products (3)

fedora/directory_server 1.1.1

redhat/directory_server 7.1 sp1 (6 CPE variants)

redhat/directory_server 8.0

Published Aug 29, 2008

Tracked Since Feb 18, 2026