Strix
26.1K

CVE-2013-4449

UnknownEPSS 10.91%

Last modified

CVE-2013-4449 is a vulnerability of currently unknown severity. The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not properly count references, which allows remote attackers to cause a denial of service (slapd crash) by unbinding immediately after a search request, which triggers rwm_conn_destroy to free the session context while it is being used by rwm_op_search.. EPSS estimates a 10.91% chance of exploitation in the next 30 days.

Description

The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not properly count references, which allows remote attackers to cause a denial of service (slapd crash) by unbinding immediately after a search request, which triggers rwm_conn_destroy to free the session context while it is being used by rwm_op_search.

Metrics

EPSS Probability
10.91%

95.3th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
DebianDebian Linux7.0
DebianDebian Linux8.0
OpenldapOpenldap<= 2.4.36
OpenldapOpenldap2.4.6
OpenldapOpenldap2.4.7
OpenldapOpenldap2.4.8
OpenldapOpenldap2.4.9
OpenldapOpenldap2.4.10
OpenldapOpenldap2.4.11
OpenldapOpenldap2.4.12
OpenldapOpenldap2.4.13
OpenldapOpenldap2.4.14
OpenldapOpenldap2.4.15
OpenldapOpenldap2.4.16
OpenldapOpenldap2.4.17
OpenldapOpenldap2.4.18
OpenldapOpenldap2.4.19
OpenldapOpenldap2.4.20
OpenldapOpenldap2.4.21
OpenldapOpenldap2.4.22
OpenldapOpenldap2.4.23
OpenldapOpenldap2.4.24
OpenldapOpenldap2.4.25
OpenldapOpenldap2.4.26
OpenldapOpenldap2.4.27
OpenldapOpenldap2.4.28
OpenldapOpenldap2.4.29
OpenldapOpenldap2.4.30
OpenldapOpenldap2.4.31
OpenldapOpenldap2.4.32
OpenldapOpenldap2.4.33
OpenldapOpenldap2.4.34
OpenldapOpenldap2.4.35

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2013-4449?
The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not properly count references, which allows remote attackers to cause a denial of service (slapd crash) by unbinding immediately after a search request, which triggers rwm_conn_destroy to free the session context while it is being used by rwm_op_search.
How severe is CVE-2013-4449?
Severity scoring for CVE-2013-4449 is pending analysis. The EPSS model estimates a 10.91% probability of exploitation in the next 30 days.
How do I fix CVE-2013-4449?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2013-4449?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST