INFSA-2025:7395: 389-ds-base security update
Information about definition
Identificator: INFSA-2025:7395
Type: security
Release date: 2025-06-10 11:48:18 UTC
Information about package
389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.
Vulnerabilities description
- CVE-2025-2487
A flaw was found in the 389-ds-base LDAP Server. This issue occurs when issuing a Modify DN LDAP operation through the ldap protocol, when the function return value is not tested and a NULL pointer is dereferenced. If a privileged user performs a ldap MODDN operation after a failed operation, it could lead to a Denial of Service (DoS) or system crash.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2025-2487
|
no information | 4.9 | no information |
Updated packages