
THREATINT
PUBLISHED

CVE-2024-5953

389-ds-base: malformed userpassword hash may cause denial of service



Description

A denial of service vulnerability was found in the 389-ds-base LDAP server. This issue may allow an authenticated user to cause a server denial of service while attempting to log in with a user with a malformed hash in their password.

Reserved 2024-06-13 | Published 2024-06-18 | Updated 2025-02-18 | Assigner redhat


MEDIUM: 5.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Problem types

Improper Validation of Consistency within Input

Product status

Default status
affected

Default status
affected

8060020250210084424.0ca98e7e before *
unaffected

Default status
affected

8080020240909040333.f969626e before *
unaffected

Default status
affected

8100020240902112955.37ed7c03 before *
unaffected

Default status
affected

9020020240916150035.1674d574 before *
unaffected

Default status
affected

9040020240723122852.1674d574 before *
unaffected

Default status
affected

0:1.3.11.1-6.el7_9 before *
unaffected

Default status
affected

8100020240910065753.25e700aa before *
unaffected

Default status
affected

8080020240807050952.6dbb3803 before *
unaffected

Default status
affected

0:2.4.5-9.el9_4 before *
unaffected

Default status
affected

0:2.2.4-9.el9_2 before *
unaffected

Default status
unknown

Timeline

2024-06-13: Reported to Red Hat.
2024-06-13: Made public.

Credits

This issue was discovered by Têko Mihinto (Red Hat).

References

access.redhat.com/errata/RHSA-2024:4633 (RHSA-2024:4633) vendor-advisory

access.redhat.com/errata/RHSA-2024:4997 (RHSA-2024:4997) vendor-advisory

access.redhat.com/errata/RHSA-2024:5192 (RHSA-2024:5192) vendor-advisory

access.redhat.com/errata/RHSA-2024:5690 (RHSA-2024:5690) vendor-advisory

access.redhat.com/errata/RHSA-2024:6153 (RHSA-2024:6153) vendor-advisory

access.redhat.com/errata/RHSA-2024:6568 (RHSA-2024:6568) vendor-advisory

access.redhat.com/errata/RHSA-2024:6569 (RHSA-2024:6569) vendor-advisory

access.redhat.com/errata/RHSA-2024:6576 (RHSA-2024:6576) vendor-advisory

access.redhat.com/errata/RHSA-2024:7458 (RHSA-2024:7458) vendor-advisory

access.redhat.com/errata/RHSA-2025:1632 (RHSA-2025:1632) vendor-advisory

access.redhat.com/security/cve/CVE-2024-5953 vdb-entry

bugzilla.redhat.com/show_bug.cgi?id=2292104 (RHBZ#2292104) issue-tracking

cve.org (CVE-2024-5953)

nvd.nist.gov (CVE-2024-5953)
