CVE-2018-10935 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2018-10935 Interim 1 25 2022-12-03T01:42:15Z current 2021-05-30T14:13:14Z 2022-12-03T01:42:15Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2018-10935 A flaw was found in the 389 Directory Server that allows users to cause a crash in the LDAP server using ldapsearch with server side sort. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-security-updates/2019-May/005444.html E-Mail link for SUSE-SU-2019:1207-1 https://lists.suse.com/pipermail/sle-security-updates/2019-July/005641.html E-Mail link for SUSE-SU-2019:1207-2 https://lists.suse.com/pipermail/sle-security-updates/2019-August/005817.html E-Mail link for SUSE-SU-2019:2155-1 https://lists.opensuse.org/opensuse-security-announce/2019-05/msg00033.html E-Mail link for openSUSE-SU-2019:1397-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SP3 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SP3 SUSE Linux Enterprise Module for Server Applications 15 SP4 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SP3 SUSE Linux Enterprise Module for Server Applications 15 SP4 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SP3 SUSE Linux Enterprise Module for Server Applications 15 SP4 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SP3 SUSE Linux Enterprise Module for Server Applications 15 SP4 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SP3 SUSE Linux Enterprise Module for Server Applications 15 SP4 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SP3 SUSE Linux Enterprise Module for Server Applications 15 SP4 openSUSE Leap 15.0 openSUSE Tumbleweed 389-ds-1.4.0.26~git0.8a2d3de6f-4.14.1 389-ds-1.4.0.3-lp150.3.3.1 389-ds-1.4.3.9~git0.3eb8617f6-1.2 389-ds-1.4.4.14~git0.37dc95673-1.1 389-ds-2.0.10~git0.21dd2802c-1.1 389-ds-2.0.15~git17.498ec3e93-150400.1.3 389-ds-devel-1.4.0.26~git0.8a2d3de6f-4.14.1 389-ds-devel-1.4.0.3-lp150.3.3.1 389-ds-devel-1.4.3.9~git0.3eb8617f6-1.2 389-ds-devel-1.4.4.14~git0.37dc95673-1.1 389-ds-devel-2.0.10~git0.21dd2802c-1.1 389-ds-devel-2.0.15~git17.498ec3e93-150400.1.3 389-ds-snmp-1.4.0.3-lp150.3.3.1 389-ds-snmp-2.0.10~git0.21dd2802c-1.1 lib389-1.4.3.9~git0.3eb8617f6-1.2 lib389-1.4.4.14~git0.37dc95673-1.1 lib389-2.0.10~git0.21dd2802c-1.1 lib389-2.0.15~git17.498ec3e93-150400.1.3 libsvrcore0-1.4.3.9~git0.3eb8617f6-1.2 libsvrcore0-1.4.4.14~git0.37dc95673-1.1 libsvrcore0-2.0.10~git0.21dd2802c-1.1 libsvrcore0-2.0.15~git17.498ec3e93-150400.1.3 389-ds-1.4.0.26~git0.8a2d3de6f-4.14.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 389-ds-devel-1.4.0.26~git0.8a2d3de6f-4.14.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 389-ds-1.4.0.26~git0.8a2d3de6f-4.14.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP1 389-ds-devel-1.4.0.26~git0.8a2d3de6f-4.14.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP1 389-ds-1.4.3.9~git0.3eb8617f6-1.2 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP2 389-ds-devel-1.4.3.9~git0.3eb8617f6-1.2 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP2 lib389-1.4.3.9~git0.3eb8617f6-1.2 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP2 libsvrcore0-1.4.3.9~git0.3eb8617f6-1.2 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP2 389-ds-1.4.4.14~git0.37dc95673-1.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP3 389-ds-devel-1.4.4.14~git0.37dc95673-1.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP3 lib389-1.4.4.14~git0.37dc95673-1.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP3 libsvrcore0-1.4.4.14~git0.37dc95673-1.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP3 389-ds-2.0.15~git17.498ec3e93-150400.1.3 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP4 389-ds-devel-2.0.15~git17.498ec3e93-150400.1.3 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP4 lib389-2.0.15~git17.498ec3e93-150400.1.3 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP4 libsvrcore0-2.0.15~git17.498ec3e93-150400.1.3 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP4 389-ds-1.4.0.3-lp150.3.3.1 as a component of openSUSE Leap 15.0 389-ds-devel-1.4.0.3-lp150.3.3.1 as a component of openSUSE Leap 15.0 389-ds-snmp-1.4.0.3-lp150.3.3.1 as a component of openSUSE Leap 15.0 389-ds-2.0.10~git0.21dd2802c-1.1 as a component of openSUSE Tumbleweed 389-ds-devel-2.0.10~git0.21dd2802c-1.1 as a component of openSUSE Tumbleweed 389-ds-snmp-2.0.10~git0.21dd2802c-1.1 as a component of openSUSE Tumbleweed lib389-2.0.10~git0.21dd2802c-1.1 as a component of openSUSE Tumbleweed libsvrcore0-2.0.10~git0.21dd2802c-1.1 as a component of openSUSE Tumbleweed A flaw was found in the 389 Directory Server that allows users to cause a crash in the LDAP server using ldapsearch with server side sort. CVE-2018-10935 SUSE Linux Enterprise Module for Server Applications 15:389-ds-1.4.0.26~git0.8a2d3de6f-4.14.1 SUSE Linux Enterprise Module for Server Applications 15:389-ds-devel-1.4.0.26~git0.8a2d3de6f-4.14.1 SUSE Linux Enterprise Module for Server Applications 15 SP1:389-ds-1.4.0.26~git0.8a2d3de6f-4.14.1 SUSE Linux Enterprise Module for Server Applications 15 SP1:389-ds-devel-1.4.0.26~git0.8a2d3de6f-4.14.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:389-ds-1.4.3.9~git0.3eb8617f6-1.2 SUSE Linux Enterprise Module for Server Applications 15 SP2:389-ds-devel-1.4.3.9~git0.3eb8617f6-1.2 SUSE Linux Enterprise Module for Server Applications 15 SP2:lib389-1.4.3.9~git0.3eb8617f6-1.2 SUSE Linux Enterprise Module for Server Applications 15 SP2:libsvrcore0-1.4.3.9~git0.3eb8617f6-1.2 SUSE Linux Enterprise Module for Server Applications 15 SP3:389-ds-1.4.4.14~git0.37dc95673-1.1 SUSE Linux Enterprise Module for Server Applications 15 SP3:389-ds-devel-1.4.4.14~git0.37dc95673-1.1 SUSE Linux Enterprise Module for Server Applications 15 SP3:lib389-1.4.4.14~git0.37dc95673-1.1 SUSE Linux Enterprise Module for Server Applications 15 SP3:libsvrcore0-1.4.4.14~git0.37dc95673-1.1 SUSE Linux Enterprise Module for Server Applications 15 SP4:389-ds-2.0.15~git17.498ec3e93-150400.1.3 SUSE Linux Enterprise Module for Server Applications 15 SP4:389-ds-devel-2.0.15~git17.498ec3e93-150400.1.3 SUSE Linux Enterprise Module for Server Applications 15 SP4:lib389-2.0.15~git17.498ec3e93-150400.1.3 SUSE Linux Enterprise Module for Server Applications 15 SP4:libsvrcore0-2.0.15~git17.498ec3e93-150400.1.3 openSUSE Leap 15.0:389-ds-1.4.0.3-lp150.3.3.1 openSUSE Leap 15.0:389-ds-devel-1.4.0.3-lp150.3.3.1 openSUSE Leap 15.0:389-ds-snmp-1.4.0.3-lp150.3.3.1 openSUSE Tumbleweed:389-ds-2.0.10~git0.21dd2802c-1.1 openSUSE Tumbleweed:389-ds-devel-2.0.10~git0.21dd2802c-1.1 openSUSE Tumbleweed:389-ds-snmp-2.0.10~git0.21dd2802c-1.1 openSUSE Tumbleweed:lib389-2.0.10~git0.21dd2802c-1.1 openSUSE Tumbleweed:libsvrcore0-2.0.10~git0.21dd2802c-1.1 moderate 4 AV:N/AC:L/Au:S/C:N/I:N/A:P 6.5 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H