Vulnerability Description
389 Directory Server 1.2.11.15 (aka Red Hat Directory Server before 8.2.11-14) allows remote authenticated users to cause a denial of service (crash) via multiple @ characters in a GER attribute list in a search request.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Redhat | Enterprise Linux | 6.0 |
| Fedoraproject | 389 Directory Server | 1.2.11.15 |
| Redhat | Directory Server | <= 8.2 |
Related Weaknesses (CWE)
References
- http://rhn.redhat.com/errata/RHSA-2013-1752.htmlVendor Advisory
- http://rhn.redhat.com/errata/RHSA-2013-1753.htmlVendor Advisory
- http://secunia.com/advisories/55765Vendor Advisory
- http://rhn.redhat.com/errata/RHSA-2013-1752.htmlVendor Advisory
- http://rhn.redhat.com/errata/RHSA-2013-1753.htmlVendor Advisory
- http://secunia.com/advisories/55765Vendor Advisory
FAQ
What is CVE-2013-4485?
CVE-2013-4485 is a vulnerability with a CVSS score of 4.0 (MEDIUM). 389 Directory Server 1.2.11.15 (aka Red Hat Directory Server before 8.2.11-14) allows remote authenticated users to cause a denial of service (crash) via multiple @ characters in a GER attribute list ...
How severe is CVE-2013-4485?
CVE-2013-4485 has been rated MEDIUM with a CVSS base score of 4.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-4485?
Check the references section above for vendor advisories and patch information. Affected products include: Redhat Enterprise Linux, Fedoraproject 389 Directory Server, Redhat Directory Server.