CVE-2017-2591

low-risk

Published 2018-04-30

389-ds-base before version 1.3.6 is vulnerable to an improperly NULL terminated array in the uniqueness_entry_to_config() function in the "attribute uniqueness" plugin of 389 Directory Server. An authenticated, or possibly unauthenticated, attacker could use this flaw to force an out-of-bound heap memory read, possibly triggering a crash of the LDAP service.

Do I need to act?

2.8% chance of exploitation in next 30 days

EPSS score — moderate exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 3.7/10 Low

NETWORK / HIGH complexity

Affected Products (2)

389 Directory Server

Enterprise Linux

Affected Vendors

Redhat Fedoraproject

References (6)

Third Party Advisory http://www.securityfocus.com/bid/95670

Issue Tracking https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2591

Patch https://pagure.io/389-ds-base/issue/48986

Third Party Advisory http://www.securityfocus.com/bid/95670

Issue Tracking https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2591

Patch https://pagure.io/389-ds-base/issue/48986

/ 100

low-risk

Severity 13/34 · Low

Exploitability 6/34 · Minimal

Exposure 7/34 · Low