Description
389 Directory Server 1.2.11.15 (aka Red Hat Directory Server before 8.2.11-14) allows remote authenticated users to cause a denial of service (crash) via multiple @ characters in a GER attribute list in a search request.
References (3)
Core 3
Core References
Vendor Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2013-1752.html
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/55765
Vendor Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2013-1753.html
Scores
EPSS
0.0199
EPSS Percentile
78.3%
Details
CWE
CWE-20
Status
published
Products (6)
fedoraproject/389_directory_server
1.2.11.15
redhat/directory_server
7.1
redhat/directory_server
8.0
redhat/directory_server
8.1
redhat/directory_server
< 8.2
redhat/enterprise_linux
6.0
Published
Nov 23, 2013
Tracked Since
Feb 18, 2026