#VU63128 Buffer overflow in 389-ds-base - CVE-2022-0918

Cybersecurity Help s.r.o.

Published: 2022-05-12 | Updated: 2022-08-18

Vulnerability identifier: #VU63128

Vulnerability risk: Medium

CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Green]

CVE-ID: CVE-2022-0918

CWE-ID: CWE-119

Exploitation vector: Network

Exploit availability: Yes

Vulnerable software:
389-ds-base
Server applications / Directory software, identity management

Vendor: 389 Directory Server Project

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error when handling network packets. A remote attacker can create a single TCP packet to the LDAP port, trigger a segmentation fault and crash the slapd daemon.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

389-ds-base: 1.4.0 - 1.4.5.0

External links
https://bugzilla.redhat.com/show_bug.cgi?id=2055815
https://access.redhat.com/security/cve/CVE-2022-0918

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

Latest bulletins with this vulnerability

Red Hat Enterprise Linux 9.0 Extended Update Support update for 389-ds-base

Red Hat Enterprise Linux 9 update for 389-ds-base

Multiple vulnerabilities in Oracle Linux

Red Hat Enterprise Linux 8 update for the 389-ds:1.4 module

CentOS 7 update for 389-ds-base

Multiple vulnerabilities in Oracle Linux

Red Hat Enterprise Linux 8.4 TUS update for the 389-ds:1.4 module

Red Hat Enterprise Linux 7 update for 389-ds-base

SUSE update for 389-ds

Denial of service in Red Hat Directory Server