#VU94615 Input validation error in 389-ds-base - CVE-2024-5953

Cybersecurity Help s.r.o.

Published: 2024-07-19 | Updated: 2024-08-08

Vulnerability identifier: #VU94615

Vulnerability risk: Low

CVSSv4.0: 0.6 [CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-5953

CWE-ID: CWE-20

Exploitation vector: Local network

Exploit availability: No

Vulnerable software:
389-ds-base
Server applications / Directory software, identity management

Vendor: 389 Directory Server Project

Description

The vulnerability allows an attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of password hashes. A remote attacker can crash the LDAP server when attempting to log in with a user with a malformed hash in their password.

Mitigation
Install update from vendor's website.

Vulnerable software versions

389-ds-base: 1.3.7.2 - 1.3.7.10, 1.3.9.1, 1.3.11.1, 1.4.0 - 1.4.5.0, 2.0.0 - 2.0.17, 2.1.0 - 2.1.8, 2.2.0 - 2.2.9, 2.3.0 - 2.3.7, 2.4.0, 2.4.1, 2.4.2, 2.4.3, 2.4.4, 2.4.5, 2.5.1

External links
https://access.redhat.com/security/cve/CVE-2024-5953
https://bugzilla.redhat.com/show_bug.cgi?id=2292104
https://access.redhat.com/errata/RHSA-2024:4633

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Anolis OS update for 389-ds-base

Anolis OS update for 389-ds:1.4 module

Red Hat Directory Server 11 update for the redhat-ds:11 module

SUSE update for 389-ds

Multiple vulnerabilities in Oracle Linux

Red Hat Directory Server 12 update for the redhat-ds:12 module

openEuler 20.03 LTS SP4 update for three-eight-nine-ds-base

openEuler 22.03 LTS SP1 update for three-eight-nine-ds-base

openEuler 24.03 LTS update for three-eight-nine-ds-base