Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2013-4449HistoryFeb 05, 2014 - 6:55 p.m.
CVE-2013-4449
2014-02-0518:55:06
Debian Security Bug Tracker
security-tracker.debian.org
13
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.94 High
EPSS
Percentile
99.2%
The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not properly count references, which allows remote attackers to cause a denial of service (slapd crash) by unbinding immediately after a search request, which triggers rwm_conn_destroy to free the session context while it is being used by rwm_op_search.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | openldap | <Β 2.4.39-1.1 | openldap_2.4.39-1.1_all.deb |
| Debian | 11 | all | openldap | <Β 2.4.39-1.1 | openldap_2.4.39-1.1_all.deb |
| Debian | 999 | all | openldap | <Β 2.4.39-1.1 | openldap_2.4.39-1.1_all.deb |
| Debian | 13 | all | openldap | <Β 2.4.39-1.1 | openldap_2.4.39-1.1_all.deb |
Related
openvas
openvas
OpenLDAP < 2.4.40 DoS Vulnerability
2021-11-02 00:00:00
RedHat Update for openldap RHSA-2014:0206-01
2014-02-25 00:00:00
CentOS Update for compat-openldap CESA-2014:0206 centos5
2014-02-25 00:00:00
securityvulns
securityvulns
OpenLDAP DoS
2014-04-07 00:00:00
[ MDVSA-2014:026 ] openldap
2014-04-07 00:00:00
OpenLDAP multiple security vulnerabilities
2015-04-13 00:00:00
nessus
nessus
CentOS 5 : openldap (CESA-2014:0206)
2014-02-25 00:00:00
Oracle Linux 5 : openldap (ELSA-2014-0206)
2014-02-25 00:00:00
Mandriva Linux Security Advisory : openldap (MDVSA-2014:026)
2014-02-13 00:00:00
cvelist
cvelist
CVE-2013-4449
2014-02-05 18:00:00
oraclelinux
oraclelinux
openldap security update
2014-02-24 00:00:00
openldap security and bug fix update
2014-02-03 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: openldap-2.4.39-2.fc19
2014-03-11 04:01:35
[SECURITY] Fedora 20 Update: openldap-2.4.39-2.fc20
2014-02-11 23:13:08
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:56:00
cve
cve
CVE-2013-4449
2014-02-05 18:55:06
seebug
seebug
Cisco Unified Communications Managerζη»ζε‘ζΌζ΄
2014-04-08 00:00:00
checkpoint_advisories
checkpoint_advisories
OpenLDAP rwm Overlay Denial of Service (CVE-2013-4449)
2013-12-22 00:00:00
OpenLDAP rwm Overlay Denial of Service - ver 2 (CVE-2013-4449)
2014-05-18 00:00:00
redhat
redhat
(RHSA-2014:0206) Moderate: openldap security update
2014-02-24 00:00:00
(RHSA-2014:0126) Moderate: openldap security and bug fix update
2014-02-03 00:00:00
nvd
nvd
CVE-2013-4449
2014-02-05 18:55:06
ubuntucve
ubuntucve
CVE-2013-4449
2014-02-05 00:00:00
centos
centos
compat, openldap security update
2014-02-24 19:35:05
openldap security update
2014-02-04 05:35:44
amazon
amazon
Medium: openldap
2014-02-26 16:22:00
prion
prion
Design/Logic Flaw
2014-02-05 18:55:00
f5
f5
SOL16882 - OpenLDAP vulnerability CVE-2013-4449
2015-07-02 00:00:00
K16882 : OpenLDAP vulnerability CVE-2013-4449
2015-07-02 00:00:00
mageia
mageia
Updated openldap packages fix security vulnerability
2014-02-12 21:20:43
ubuntu
ubuntu
OpenLDAP vulnerabilities
2015-05-26 00:00:00
osv
osv
openldap - security update
2015-03-30 00:00:00
openldap - security update
2015-04-18 00:00:00
debian
debian
[SECURITY] [DSA 3209-1] openldap security update
2015-03-30 21:04:31
[SECURITY] [DLA 203-1] openldap security update
2015-04-18 15:26:21
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.94 High
EPSS
Percentile
99.2%
Related for DEBIANCVE:CVE-2013-4449