CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-1089

389-ds-base before versions 1.4.0.9, 1.3.8.1, 1.3.6.15 did not properly handle long search filters with characters needing escapes, possibly leading to buffer overflows. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.24

EPSS Ranking 95.7%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

Products affected by CVE-2018-1089

Fedoraproject » 389 Directory Server » Version: 1.3.6.0

cpe:2.3:a:fedoraproject:389_directory_server:1.3.6.0
Fedoraproject » 389 Directory Server » Version: 1.3.6.1

cpe:2.3:a:fedoraproject:389_directory_server:1.3.6.1
Fedoraproject » 389 Directory Server » Version: 1.3.6.10

cpe:2.3:a:fedoraproject:389_directory_server:1.3.6.10
Fedoraproject » 389 Directory Server » Version: 1.3.6.11

cpe:2.3:a:fedoraproject:389_directory_server:1.3.6.11
Fedoraproject » 389 Directory Server » Version: 1.3.6.12

cpe:2.3:a:fedoraproject:389_directory_server:1.3.6.12
Fedoraproject » 389 Directory Server » Version: 1.3.6.13

cpe:2.3:a:fedoraproject:389_directory_server:1.3.6.13
Fedoraproject » 389 Directory Server » Version: 1.3.6.14

cpe:2.3:a:fedoraproject:389_directory_server:1.3.6.14
Fedoraproject » 389 Directory Server » Version: 1.3.6.2

cpe:2.3:a:fedoraproject:389_directory_server:1.3.6.2
Fedoraproject » 389 Directory Server » Version: 1.3.6.3

cpe:2.3:a:fedoraproject:389_directory_server:1.3.6.3
Fedoraproject » 389 Directory Server » Version: 1.3.6.4

cpe:2.3:a:fedoraproject:389_directory_server:1.3.6.4
Fedoraproject » 389 Directory Server » Version: 1.3.6.5

cpe:2.3:a:fedoraproject:389_directory_server:1.3.6.5
Fedoraproject » 389 Directory Server » Version: 1.3.6.6

cpe:2.3:a:fedoraproject:389_directory_server:1.3.6.6
Fedoraproject » 389 Directory Server » Version: 1.3.6.7

cpe:2.3:a:fedoraproject:389_directory_server:1.3.6.7
Fedoraproject » 389 Directory Server » Version: 1.3.6.8

cpe:2.3:a:fedoraproject:389_directory_server:1.3.6.8
Fedoraproject » 389 Directory Server » Version: 1.3.6.9

cpe:2.3:a:fedoraproject:389_directory_server:1.3.6.9
Fedoraproject » 389 Directory Server » Version: 1.3.8.1

cpe:2.3:a:fedoraproject:389_directory_server:1.3.8.1
Fedoraproject » 389 Directory Server » Version: 1.3.8.2

cpe:2.3:a:fedoraproject:389_directory_server:1.3.8.2
Fedoraproject » 389 Directory Server » Version: 1.4.0.0

cpe:2.3:a:fedoraproject:389_directory_server:1.4.0.0
Fedoraproject » 389 Directory Server » Version: 1.4.0.1

cpe:2.3:a:fedoraproject:389_directory_server:1.4.0.1
Fedoraproject » 389 Directory Server » Version: 1.4.0.2

cpe:2.3:a:fedoraproject:389_directory_server:1.4.0.2
Fedoraproject » 389 Directory Server » Version: 1.4.0.3

cpe:2.3:a:fedoraproject:389_directory_server:1.4.0.3
Fedoraproject » 389 Directory Server » Version: 1.4.0.4

cpe:2.3:a:fedoraproject:389_directory_server:1.4.0.4
Fedoraproject » 389 Directory Server » Version: 1.4.0.5

cpe:2.3:a:fedoraproject:389_directory_server:1.4.0.5
Fedoraproject » 389 Directory Server » Version: 1.4.0.6

cpe:2.3:a:fedoraproject:389_directory_server:1.4.0.6
Fedoraproject » 389 Directory Server » Version: 1.4.0.7

cpe:2.3:a:fedoraproject:389_directory_server:1.4.0.7
Fedoraproject » 389 Directory Server » Version: 1.4.0.8

cpe:2.3:a:fedoraproject:389_directory_server:1.4.0.8
Debian » Debian Linux » Version: 8.0

cpe:2.3:o:debian:debian_linux:8.0
Redhat » Enterprise Linux Desktop » Version: 6.0

cpe:2.3:o:redhat:enterprise_linux_desktop:6.0
Redhat » Enterprise Linux Desktop » Version: 7.0

cpe:2.3:o:redhat:enterprise_linux_desktop:7.0
Redhat » Enterprise Linux Server » Version: 6.0

cpe:2.3:o:redhat:enterprise_linux_server:6.0
Redhat » Enterprise Linux Server » Version: 7.0

cpe:2.3:o:redhat:enterprise_linux_server:7.0
Redhat » Enterprise Linux Workstation » Version: 6.0

cpe:2.3:o:redhat:enterprise_linux_workstation:6.0
Redhat » Enterprise Linux Workstation » Version: 7.0

cpe:2.3:o:redhat:enterprise_linux_workstation:7.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-1089

Products

Pricing

Contact Us