CVE-2022-0918

Source
https://nvd.nist.gov/vuln/detail/CVE-2022-0918
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-0918.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-0918
Related
Published
2022-03-16T15:15:16Z
Modified
2024-10-12T08:49:42.599743Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

A vulnerability was discovered in the 389 Directory Server that allows an unauthenticated attacker with network access to the LDAP port to cause a denial of service. The denial of service is triggered by a single message sent over a TCP connection, no bind or other authentication is required. The message triggers a segmentation fault that results in slapd crashing.

References

Affected packages

Debian:11 / 389-ds-base

Package

Name
389-ds-base
Purl
pkg:deb/debian/389-ds-base?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.4.4.11-2
1.4.4.16-1
1.4.4.17-1

2.*

2.0.11-1
2.0.11-2
2.0.14-1
2.0.15-1
2.0.15-1.1
2.3.1-1
2.3.1+dfsg1-1
2.3.4+dfsg1-1
2.3.4+dfsg1-1.1
2.4.4+dfsg1-1
2.4.4+dfsg1-3
2.4.5+dfsg1-1

3.*

3.0.2+dfsg1-1
3.1.1+dfsg1-1
3.1.1+dfsg1-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / 389-ds-base

Package

Name
389-ds-base
Purl
pkg:deb/debian/389-ds-base?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.0.15-1.1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / 389-ds-base

Package

Name
389-ds-base
Purl
pkg:deb/debian/389-ds-base?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.0.15-1.1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/389ds/389-ds-base

Affected ranges

Type
GIT
Repo
https://github.com/389ds/389-ds-base
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected

Affected versions

389-ds-base-1.*

389-ds-base-1.2.10.a1
389-ds-base-1.2.10.a2
389-ds-base-1.2.10.a3
389-ds-base-1.2.10.a4
389-ds-base-1.2.10.a5
389-ds-base-1.2.10.a6
389-ds-base-1.2.10.a7
389-ds-base-1.2.10.a8
389-ds-base-1.2.10.rc1
389-ds-base-1.2.11.a1
389-ds-base-1.2.3
389-ds-base-1.2.4
389-ds-base-1.2.5.a1
389-ds-base-1.2.5.rc1
389-ds-base-1.2.5.rc2
389-ds-base-1.2.5.rc3
389-ds-base-1.2.5.rc4
389-ds-base-1.2.6.a1
389-ds-base-1.2.6.a2
389-ds-base-1.2.6.a3
389-ds-base-1.2.6.a4
389-ds-base-1.2.6.rc1
389-ds-base-1.2.6.rc2
389-ds-base-1.2.6.rc3
389-ds-base-1.2.7
389-ds-base-1.2.7.1
389-ds-base-1.2.7.2
389-ds-base-1.2.7.3
389-ds-base-1.2.7.4
389-ds-base-1.2.7.a1
389-ds-base-1.2.7.a2
389-ds-base-1.2.7.a3
389-ds-base-1.2.7.a4
389-ds-base-1.2.7.a5
389-ds-base-1.2.8.a1
389-ds-base-1.2.8.a2
389-ds-base-1.2.9.0
389-ds-base-1.2.9.1
389-ds-base-1.2.9.2
389-ds-base-1.2.9.3
389-ds-base-1.2.9.4
389-ds-base-1.2.9.5
389-ds-base-1.2.9.a1
389-ds-base-1.2.9.a2
389-ds-base-1.3.0.a1
389-ds-base-1.3.0.rc1
389-ds-base-1.3.5.0
389-ds-base-1.3.5.1
389-ds-base-1.3.5.10
389-ds-base-1.3.5.11
389-ds-base-1.3.5.12
389-ds-base-1.3.5.13
389-ds-base-1.3.5.2
389-ds-base-1.3.5.3
389-ds-base-1.3.5.4
389-ds-base-1.3.5.5
389-ds-base-1.3.5.6
389-ds-base-1.3.5.7
389-ds-base-1.3.5.8
389-ds-base-1.3.5.9
389-ds-base-1.3.6.0
389-ds-base-1.3.6.1
389-ds-base-1.3.6.2
389-ds-base-1.3.6.3
389-ds-base-1.3.6.4
389-ds-base-1.3.7.0
389-ds-base-1.3.7.2
389-ds-base-1.3.7.3
389-ds-base-1.3.7.4
389-ds-base-1.4.0.0

Other

Directory_Server_8_1_Candidate_20090324
FedoraDirSvr10
FedoraDirSvr110a1
FedoraDirSvr110a2
FedoraDirSvr110a3
FedoraDirSvr110a3_20070320
FedoraDirSvr110a4
FedoraDirSvr110a4_20070720
FedoraDirSvr110b1
FedoraDirSvr110b1_20070813
FedoraDirSvr110b1_20070816
FedoraDirSvr110b2
FedoraDirSvr110b2_20071107
FedoraDirSvr111
FedoraDirSvr111_20080530
FedoraDirSvr_1_1_2
FedoraDirSvr_1_1_2_20080904
FedoraDirSvr_1_1_2_RC
FedoraDirSvr_1_1_2_RC2
FedoraDirSvr_1_1_2_RC_20080828
FedoraDirSvr_1_1_3_20080923
FedoraDirSvr_20051103_RTC
before-merge-nunc-stans
ldapserver7x