CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-0833

The acllas__handle_group_entry function in servers/plugins/acl/acllas.c in 389 Directory Server before 1.2.10 does not properly handled access control instructions (ACIs) that use certificate groups, which allows remote authenticated LDAP users with a certificate group to cause a denial of service (infinite loop and CPU consumption) by binding to the server.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 60.1%

CVSS Severity

CVSS v2 Score 2.3

References

Products affected by CVE-2012-0833

Fedoraproject » 389 Directory Server » Version: 1.2.1

cpe:2.3:a:fedoraproject:389_directory_server:1.2.1
Fedoraproject » 389 Directory Server » Version: 1.2.10

cpe:2.3:a:fedoraproject:389_directory_server:1.2.10
Fedoraproject » 389 Directory Server » Version: 1.2.2

cpe:2.3:a:fedoraproject:389_directory_server:1.2.2
Fedoraproject » 389 Directory Server » Version: 1.2.3

cpe:2.3:a:fedoraproject:389_directory_server:1.2.3
Fedoraproject » 389 Directory Server » Version: 1.2.5

cpe:2.3:a:fedoraproject:389_directory_server:1.2.5
Fedoraproject » 389 Directory Server » Version: 1.2.6

cpe:2.3:a:fedoraproject:389_directory_server:1.2.6
Fedoraproject » 389 Directory Server » Version: 1.2.6.1

cpe:2.3:a:fedoraproject:389_directory_server:1.2.6.1
Fedoraproject » 389 Directory Server » Version: 1.2.7

cpe:2.3:a:fedoraproject:389_directory_server:1.2.7
Fedoraproject » 389 Directory Server » Version: 1.2.7.5

cpe:2.3:a:fedoraproject:389_directory_server:1.2.7.5
Fedoraproject » 389 Directory Server » Version: 1.2.8

cpe:2.3:a:fedoraproject:389_directory_server:1.2.8
Fedoraproject » 389 Directory Server » Version: 1.2.8.1

cpe:2.3:a:fedoraproject:389_directory_server:1.2.8.1
Fedoraproject » 389 Directory Server » Version: 1.2.8.2

cpe:2.3:a:fedoraproject:389_directory_server:1.2.8.2
Fedoraproject » 389 Directory Server » Version: 1.2.8.3

cpe:2.3:a:fedoraproject:389_directory_server:1.2.8.3
Fedoraproject » 389 Directory Server » Version: 1.2.9.9

cpe:2.3:a:fedoraproject:389_directory_server:1.2.9.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-0833

Products

Pricing

Contact Us