CVE-2008-2930
First published: Fri Jul 04 2008(Updated: )
It was discovered that Red Hat Directory Server and Fedora Directory Server is prone to a temporary denial of service attack (high CPU usage) via crafted LDAP search patterns. LDAP search patterns are internally translated to regular expressions. If the regular expression is matched against specially crafted record already stored in the LDAP, it may cause regular expression NFA to iterate over large amount of states, causing one slapd thread to occupy CPU for excessive amount of time. Additionally, due to a current design of the regular expression handling code, only one slapd thread can execute regular expression NFA code at the time. Because of that, during the processing of such CPU intensive search request, all other search requests using patterns are blocked. Affected version: Red Hat Directory Server 7.1 and 8 Fedora Directory Server 1.1.1
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Redhat Directory Server | =7.1-sp4 | |
| Redhat Directory Server | =7.1-sp6 | |
| Redhat Directory Server | =7.1-sp2 | |
| Redhat Directory Server | =7.1-sp1 | |
| Redhat Directory Server | =8.0 | |
| Fedora Directory Server | =1.1.1 | |
| Redhat Directory Server | =7.1-sp5 | |
| Redhat Directory Server | =7.1-sp3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.redhat.com/docs/manuals/dir-server/release-notes/7.1SP7/index.html
- https://bugzilla.redhat.com/show_bug.cgi?id=454065
- https://rhn.redhat.com/errata/RHSA-2008-0596.html
- http://www.securityfocus.com/bid/30871
- http://securitytracker.com/id?1020773
- http://www.redhat.com/support/errata/RHSA-2008-0602.html
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01532861
- http://secunia.com/advisories/31627
- http://secunia.com/advisories/31702
- http://secunia.com/advisories/31565
- http://www.redhat.com/support/errata/RHSA-2008-0858.html
- http://secunia.com/advisories/31867
- https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00521.html
- https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00708.html
- http://www.vupen.com/english/advisories/2008/2480
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44733
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6078
- http://errata.devel.redhat.com/errata/show/7676
- collector/nvd-historical
- collector/nvd-index
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- agent/remedy
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/author
- agent/weakness
- agent/references
- agent/severity
- agent/event
- agent/description
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2008-2930
- agent/tags
- agent/trending
- vendor/redhat
- canonical/redhat directory server
- version/redhat directory server/7.1-sp4
- version/redhat directory server/7.1-sp6
- version/redhat directory server/7.1-sp2
- version/redhat directory server/7.1-sp1
- version/redhat directory server/8.0
- vendor/fedora
- canonical/fedora directory server
- version/fedora directory server/1.1.1
- version/redhat directory server/7.1-sp5
- version/redhat directory server/7.1-sp3