- Description
- Multiple buffer overflows in the login mechanism in sidvault in Alpha Centauri Software SIDVault LDAP Server before 2.0f allow remote attackers to execute arbitrary code via crafted LDAP packets, as demonstrated by a long dc entry in an LDAP bind.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 10
- Impact score
- 10
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:C/I:C/A:C
- nvd@nist.gov
- CWE-119
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:alpha_centauri_software:sidvault_ldap_server:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A456360A-BAD4-4C76-B9CB-2FF4EBB12A5C",
"versionEndIncluding": "2.0e"
}
],
"operator": "OR"
}
]
}
]