CVE-2013-0336
EPSS 1.1%
Description
The ipapwd_chpwop function in daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c in the directory server (dirsrv) in FreeIPA before 3.2.0 allows remote attackers to cause a denial of service (crash) via a connection request without a username/dn, related to the 389 directory server.
How to fix CVE-2013-0336
To remediate CVE-2013-0336, upgrade the affected package to a fixed version below.
- Debian/389-ds-base—upgrade to 1.3.2.9-1 or later
Is CVE-2013-0336 being exploited?
Low — EPSS is 1.1%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 1.3.2.9-1