#VU15561 Improper input validation in 389-ds-base - CVE-2018-14624

Cybersecurity Help s.r.o.

Published: 2018-10-29

Vulnerability identifier: #VU15561

Vulnerability risk: Low

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-14624

CWE-ID: CWE-20

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
389-ds-base
Server applications / Directory software, identity management

Vendor: 389 Directory Server Project

Description
The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to incorrect use of the lock controlling error log when re-opening the log file in log__error_emergency(. A remote attacker can send a flood of modifications to a very large DN and cause the slapd to crash.

Mitigation
Install update from vendor's website.i

Vulnerable software versions

389-ds-base: 1.3.7 - 1.3.7.10, 1.3.8 - 1.3.8.8, 1.4.0 - 1.4.0.16

External links
https://pagure.io/389-ds-base/issue/49937

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

OpenSUSE Linux update for 389-ds

Amazon Linux AMI update for 389-ds-base

Red Hat update for 389-ds-base