Vulnerability Description
Multiple memory leaks in Red Hat Directory Server 7.1 before SP7, Red Hat Directory Server 8, and Fedora Directory Server 1.1.1 and earlier allow remote attackers to cause a denial of service (memory consumption) via vectors involving (1) the authentication / bind phase and (2) anonymous LDAP search requests.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Fedora | Directory Server | 1.1.1 |
| Redhat | Directory Server | 7.1 |
Related Weaknesses (CWE)
References
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01532861
- http://secunia.com/advisories/31565
- http://secunia.com/advisories/31627
- http://secunia.com/advisories/31702
- http://secunia.com/advisories/31867
- http://secunia.com/advisories/31913
- http://securitytracker.com/id?1020774
- http://www.redhat.com/docs/manuals/dir-server/release-notes/7.1SP7/index.htmlPatch
- http://www.redhat.com/support/errata/RHSA-2008-0602.html
- http://www.redhat.com/support/errata/RHSA-2008-0858.html
- http://www.securityfocus.com/bid/30872Patch
- http://www.vupen.com/english/advisories/2008/2480
- https://bugzilla.redhat.com/show_bug.cgi?id=458977
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44731
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
FAQ
What is CVE-2008-3283?
CVE-2008-3283 is a vulnerability with a CVSS score of 7.8 (HIGH). Multiple memory leaks in Red Hat Directory Server 7.1 before SP7, Red Hat Directory Server 8, and Fedora Directory Server 1.1.1 and earlier allow remote attackers to cause a denial of service (memory ...
How severe is CVE-2008-3283?
CVE-2008-3283 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-3283?
Check the references section above for vendor advisories and patch information. Affected products include: Fedora Directory Server, Redhat Directory Server.