389-ds-base LDAP Search Filters Out-of-Bounds Memory Read Denial of Service Vulnerability

CVE Number – CVE-2018-1054

A vulnerability in the 389-ds-base package used by multiple products could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted system.

The vulnerability is due to improper handling of certain Lightweight Directory Access Protocol (LDAP) search filters by the affected software. An attacker could exploit this vulnerability by sending a crafted LDAP request to a targeted system. An exploit could trigger an out-of-bounds memory read condition causing the ns-slapd process on the system to crash, resulting in a DoS condition.

The 389 Directory Server Project has confirmed the vulnerability and released software updates.

  • To exploit this vulnerability, an attacker must send a crafted LDAP request to the targeted system, making exploitation more difficult in environments that restrict network access from untrusted sources.
  • Administrators are advised to apply the appropriate updates.

    Administrators are advised to allow only trusted users to have network access.

    Administrators can help protect affected systems from external attacks by using a solid firewall strategy.

    Administrators may consider using IP-based access control lists (ACLs) to allow only trusted systems to access the affected systems.

    Administrators are advised to monitor affected systems.

Vendor Announcements
Fixed Software

Leave a Reply