CVE Vulnerabilities

CVE-2010-4746

Published: Feb 23, 2011 | Modified: Nov 21, 2024
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
5 LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V3
Ubuntu

Multiple memory leaks in the normalization functionality in 389 Directory Server before 1.2.7.5 allow remote attackers to cause a denial of service (memory consumption) via badly behaved applications, related to (1) Slapi_Attr mishandling in the DN normalization code and (2) pointer mishandling in the syntax normalization code, a different issue than CVE-2011-0019.

Affected Software

Name Vendor Start Version End Version
389_directory_server Fedoraproject * 1.2.7 (including)
389_directory_server Fedoraproject 1.2.1 (including) 1.2.1 (including)
389_directory_server Fedoraproject 1.2.2 (including) 1.2.2 (including)
389_directory_server Fedoraproject 1.2.3 (including) 1.2.3 (including)
389_directory_server Fedoraproject 1.2.5 (including) 1.2.5 (including)
389_directory_server Fedoraproject 1.2.5-rc1 (including) 1.2.5-rc1 (including)
389_directory_server Fedoraproject 1.2.5-rc2 (including) 1.2.5-rc2 (including)
389_directory_server Fedoraproject 1.2.5-rc3 (including) 1.2.5-rc3 (including)
389_directory_server Fedoraproject 1.2.5-rc4 (including) 1.2.5-rc4 (including)
389_directory_server Fedoraproject 1.2.6 (including) 1.2.6 (including)
389_directory_server Fedoraproject 1.2.6-a2 (including) 1.2.6-a2 (including)
389_directory_server Fedoraproject 1.2.6-a3 (including) 1.2.6-a3 (including)
389_directory_server Fedoraproject 1.2.6-a4 (including) 1.2.6-a4 (including)
389_directory_server Fedoraproject 1.2.6-rc1 (including) 1.2.6-rc1 (including)
389_directory_server Fedoraproject 1.2.6-rc2 (including) 1.2.6-rc2 (including)
389_directory_server Fedoraproject 1.2.6-rc3 (including) 1.2.6-rc3 (including)
389_directory_server Fedoraproject 1.2.6-rc6 (including) 1.2.6-rc6 (including)
389_directory_server Fedoraproject 1.2.6-rc7 (including) 1.2.6-rc7 (including)
389_directory_server Fedoraproject 1.2.6.1 (including) 1.2.6.1 (including)

References