Exploit RedHat 8/9 - Directory Server Crafted Search Pattern Denial of Service

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
32304
Проверка EDB
  1. Пройдено
Автор
ULF WELTMAN
Тип уязвимости
DOS
Платформа
LINUX
CVE
cve-2008-2930
Дата публикации
2008-08-27
Код:
source: https://www.securityfocus.com/bid/30871/info

Red Hat Directory Server is prone to a denial-of-service vulnerability because the server fails to handle specially crafted search patterns.

An attacker can exploit this issue to consume CPU resources with one search request, effectively blocking additional search requests from executing. Legitimate users may be prevented from authenticating to network resources that use the affected server for authentication.

Red Hat Directory Server 7.1 and 8 are affected. 

The following example regular expressions are available:

2.6/AV:N/AC:H/Au:N/C:N/I:N/A:P
4.0/AV:N/AC:L/Au:S/C:N/I:N/A:P
 
Источник
www.exploit-db.com

Похожие темы