CVE-2022-0918

HIGH

389-ds-base - Unauthenticated Denial of Service via LDAP Message

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-0918. PoCs published by NathanMulbrook.

AI-analyzed exploit summary This PoC exploits CVE-2022-0918, a DoS vulnerability in 389 Directory Server (slapd) by sending a malformed LDAP packet to trigger a segmentation fault. The code constructs a crafted packet and sends it to the target server on port 389.

Description

A vulnerability was discovered in the 389 Directory Server that allows an unauthenticated attacker with network access to the LDAP port to cause a denial of service. The denial of service is triggered by a single message sent over a TCP connection, no bind or other authentication is required. The message triggers a segmentation fault that results in slapd crashing.

Exploits (1)

nomisec WORKING POC 5 stars
by NathanMulbrook · poc
https://github.com/NathanMulbrook/CVE-2022-0918

This PoC exploits CVE-2022-0918, a DoS vulnerability in 389 Directory Server (slapd) by sending a malformed LDAP packet to trigger a segmentation fault. The code constructs a crafted packet and sends it to the target server on port 389.

Classification
Working Poc 95%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: 389 Directory Server (slapd)
No auth needed
Prerequisites: Network access to the target server on port 389
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Issue Tracking, Third Party Advisory x_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=2055815
Third Party Advisory x_refsource_misc
https://access.redhat.com/security/cve/CVE-2022-0918
Issue Tracking, Patch, Third Party Advisory issue-tracking
https://github.com/389ds/389-ds-base/issues/5242

Scores

CVSS v3 7.5
EPSS 0.0591
EPSS Percentile 92.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

Status published
Products (2)
port389/389-ds-base 1.4.0
redhat/enterprise_linux 8.0
Published Mar 16, 2022
Tracked Since Feb 18, 2026