GHSA-v6v5-66j3-444pMediumCVSS 4.9

A stack buffer overflow flaw was found in 389 Directory Server. The checkPrefix() function in pw...

Published
June 9, 2026
Last Modified
June 9, 2026

🔗 CVE IDs covered (1)

📋 Description

A stack buffer overflow flaw was found in 389 Directory Server. The checkPrefix() function in pw.c copies an attacker-controlled algorithm ID into a 256-byte stack buffer without bounds checking when parsing reversible-encrypted attribute values. An attacker with Directory Manager privileges can crash the LDAP server by storing a crafted credential with an oversized algorithm ID. FORTIFY_SOURCE mitigates this to denial of service only.

🔗 References (5)