CVE-2005-2377
Last modified
CVE-2005-2377 is a vulnerability of currently unknown severity. nss_ldap 181 to versions before 213, as used in Mandrake Corporate Server and Mandrake 10.0, and other operating systems, does not properly handle a SIGPIPE signal when sending a search request to an LDAP directory server, which might allow remote attackers to cause a denial of service (crond and other application crash) if they can cause an LDAP server to become unavailable. NOTE: it is not clear whether this attack scenario is sufficient to include this item in CVE.. EPSS estimates a 2.51% chance of exploitation in the next 30 days.
Description
nss_ldap 181 to versions before 213, as used in Mandrake Corporate Server and Mandrake 10.0, and other operating systems, does not properly handle a SIGPIPE signal when sending a search request to an LDAP directory server, which might allow remote attackers to cause a denial of service (crond and other application crash) if they can cause an LDAP server to become unavailable. NOTE: it is not clear whether this attack scenario is sufficient to include this item in CVE.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Mandrakesoft | Mandrake Linux | 10.0 |
| Mandrakesoft | Mandrake Linux Corporate Server | All versions |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2005-2377?
How severe is CVE-2005-2377?
How do I fix CVE-2005-2377?
Are you affected by CVE-2005-2377?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST