CVE-2021-3480 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2021-3480 Interim 1 4 2025-02-17T01:01:22Z current 2023-10-31T00:30:15Z 2025-02-17T01:01:22Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2021-3480 A flaw was found in slapi-nis in versions before 0.56.7. A NULL pointer dereference during the parsing of the Binding DN could allow an unauthenticated attacker to crash the 389-ds-base directory server. The highest threat from this vulnerability is to system availability. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Liberty Linux 7 SUSE Liberty Linux 8 bind-dyndb-ldap-11.6-2.module+el8.4.0+9328+4ec4e316 custodia-0.6.0-3.module+el8.1.0+4098+f286395e ipa-client-4.9.2-3.module+el8.4.0+10412+5ecb5b37 ipa-client-common-4.9.2-3.module+el8.4.0+10412+5ecb5b37 ipa-client-epn-4.9.2-3.module+el8.4.0+10412+5ecb5b37 ipa-client-samba-4.9.2-3.module+el8.4.0+10412+5ecb5b37 ipa-common-4.9.2-3.module+el8.4.0+10412+5ecb5b37 ipa-healthcheck-0.7-3.module+el8.4.0+9007+5084bdd8 ipa-healthcheck-core-0.7-3.module+el8.4.0+9007+5084bdd8 ipa-python-compat-4.9.2-3.module+el8.4.0+10412+5ecb5b37 ipa-selinux-4.9.2-3.module+el8.4.0+10412+5ecb5b37 ipa-server-4.9.2-3.module+el8.4.0+10412+5ecb5b37 ipa-server-common-4.9.2-3.module+el8.4.0+10412+5ecb5b37 ipa-server-dns-4.9.2-3.module+el8.4.0+10412+5ecb5b37 ipa-server-trust-ad-4.9.2-3.module+el8.4.0+10412+5ecb5b37 opendnssec-2.1.7-1.module+el8.4.0+9007+5084bdd8 python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e python3-ipaclient-4.9.2-3.module+el8.4.0+10412+5ecb5b37 python3-ipalib-4.9.2-3.module+el8.4.0+10412+5ecb5b37 python3-ipaserver-4.9.2-3.module+el8.4.0+10412+5ecb5b37 python3-ipatests-4.9.2-3.module+el8.4.0+10412+5ecb5b37 python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456 python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e slapi-nis-0.56.5-4.el7_9 slapi-nis-0.56.6-2.module+el8.4.0+10615+2234cc2c softhsm-2.6.0-5.module+el8.4.0+10227+076cd560 softhsm-devel-2.6.0-5.module+el8.4.0+10227+076cd560 slapi-nis-0.56.5-4.el7_9 as a component of SUSE Liberty Linux 7 bind-dyndb-ldap-11.6-2.module+el8.4.0+9328+4ec4e316 as a component of SUSE Liberty Linux 8 custodia-0.6.0-3.module+el8.1.0+4098+f286395e as a component of SUSE Liberty Linux 8 ipa-client-4.9.2-3.module+el8.4.0+10412+5ecb5b37 as a component of SUSE Liberty Linux 8 ipa-client-common-4.9.2-3.module+el8.4.0+10412+5ecb5b37 as a component of SUSE Liberty Linux 8 ipa-client-epn-4.9.2-3.module+el8.4.0+10412+5ecb5b37 as a component of SUSE Liberty Linux 8 ipa-client-samba-4.9.2-3.module+el8.4.0+10412+5ecb5b37 as a component of SUSE Liberty Linux 8 ipa-common-4.9.2-3.module+el8.4.0+10412+5ecb5b37 as a component of SUSE Liberty Linux 8 ipa-healthcheck-0.7-3.module+el8.4.0+9007+5084bdd8 as a component of SUSE Liberty Linux 8 ipa-healthcheck-core-0.7-3.module+el8.4.0+9007+5084bdd8 as a component of SUSE Liberty Linux 8 ipa-python-compat-4.9.2-3.module+el8.4.0+10412+5ecb5b37 as a component of SUSE Liberty Linux 8 ipa-selinux-4.9.2-3.module+el8.4.0+10412+5ecb5b37 as a component of SUSE Liberty Linux 8 ipa-server-4.9.2-3.module+el8.4.0+10412+5ecb5b37 as a component of SUSE Liberty Linux 8 ipa-server-common-4.9.2-3.module+el8.4.0+10412+5ecb5b37 as a component of SUSE Liberty Linux 8 ipa-server-dns-4.9.2-3.module+el8.4.0+10412+5ecb5b37 as a component of SUSE Liberty Linux 8 ipa-server-trust-ad-4.9.2-3.module+el8.4.0+10412+5ecb5b37 as a component of SUSE Liberty Linux 8 opendnssec-2.1.7-1.module+el8.4.0+9007+5084bdd8 as a component of SUSE Liberty Linux 8 python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e as a component of SUSE Liberty Linux 8 python3-ipaclient-4.9.2-3.module+el8.4.0+10412+5ecb5b37 as a component of SUSE Liberty Linux 8 python3-ipalib-4.9.2-3.module+el8.4.0+10412+5ecb5b37 as a component of SUSE Liberty Linux 8 python3-ipaserver-4.9.2-3.module+el8.4.0+10412+5ecb5b37 as a component of SUSE Liberty Linux 8 python3-ipatests-4.9.2-3.module+el8.4.0+10412+5ecb5b37 as a component of SUSE Liberty Linux 8 python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e as a component of SUSE Liberty Linux 8 python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456 as a component of SUSE Liberty Linux 8 python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e as a component of SUSE Liberty Linux 8 python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e as a component of SUSE Liberty Linux 8 python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e as a component of SUSE Liberty Linux 8 python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e as a component of SUSE Liberty Linux 8 slapi-nis-0.56.6-2.module+el8.4.0+10615+2234cc2c as a component of SUSE Liberty Linux 8 softhsm-2.6.0-5.module+el8.4.0+10227+076cd560 as a component of SUSE Liberty Linux 8 softhsm-devel-2.6.0-5.module+el8.4.0+10227+076cd560 as a component of SUSE Liberty Linux 8 A flaw was found in slapi-nis in versions before 0.56.7. A NULL pointer dereference during the parsing of the Binding DN could allow an unauthenticated attacker to crash the 389-ds-base directory server. The highest threat from this vulnerability is to system availability. CVE-2021-3480 SUSE Liberty Linux 7:slapi-nis-0.56.5-4.el7_9 SUSE Liberty Linux 8:bind-dyndb-ldap-11.6-2.module+el8.4.0+9328+4ec4e316 SUSE Liberty Linux 8:custodia-0.6.0-3.module+el8.1.0+4098+f286395e SUSE Liberty Linux 8:ipa-client-4.9.2-3.module+el8.4.0+10412+5ecb5b37 SUSE Liberty Linux 8:ipa-client-common-4.9.2-3.module+el8.4.0+10412+5ecb5b37 SUSE Liberty Linux 8:ipa-client-epn-4.9.2-3.module+el8.4.0+10412+5ecb5b37 SUSE Liberty Linux 8:ipa-client-samba-4.9.2-3.module+el8.4.0+10412+5ecb5b37 SUSE Liberty Linux 8:ipa-common-4.9.2-3.module+el8.4.0+10412+5ecb5b37 SUSE Liberty Linux 8:ipa-healthcheck-0.7-3.module+el8.4.0+9007+5084bdd8 SUSE Liberty Linux 8:ipa-healthcheck-core-0.7-3.module+el8.4.0+9007+5084bdd8 SUSE Liberty Linux 8:ipa-python-compat-4.9.2-3.module+el8.4.0+10412+5ecb5b37 SUSE Liberty Linux 8:ipa-selinux-4.9.2-3.module+el8.4.0+10412+5ecb5b37 SUSE Liberty Linux 8:ipa-server-4.9.2-3.module+el8.4.0+10412+5ecb5b37 SUSE Liberty Linux 8:ipa-server-common-4.9.2-3.module+el8.4.0+10412+5ecb5b37 SUSE Liberty Linux 8:ipa-server-dns-4.9.2-3.module+el8.4.0+10412+5ecb5b37 SUSE Liberty Linux 8:ipa-server-trust-ad-4.9.2-3.module+el8.4.0+10412+5ecb5b37 SUSE Liberty Linux 8:opendnssec-2.1.7-1.module+el8.4.0+9007+5084bdd8 SUSE Liberty Linux 8:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e SUSE Liberty Linux 8:python3-ipaclient-4.9.2-3.module+el8.4.0+10412+5ecb5b37 SUSE Liberty Linux 8:python3-ipalib-4.9.2-3.module+el8.4.0+10412+5ecb5b37 SUSE Liberty Linux 8:python3-ipaserver-4.9.2-3.module+el8.4.0+10412+5ecb5b37 SUSE Liberty Linux 8:python3-ipatests-4.9.2-3.module+el8.4.0+10412+5ecb5b37 SUSE Liberty Linux 8:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e SUSE Liberty Linux 8:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456 SUSE Liberty Linux 8:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e SUSE Liberty Linux 8:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e SUSE Liberty Linux 8:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e SUSE Liberty Linux 8:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e SUSE Liberty Linux 8:slapi-nis-0.56.6-2.module+el8.4.0+10615+2234cc2c SUSE Liberty Linux 8:softhsm-2.6.0-5.module+el8.4.0+10227+076cd560 SUSE Liberty Linux 8:softhsm-devel-2.6.0-5.module+el8.4.0+10227+076cd560 important 5 AV:N/AC:L/Au:N/C:N/I:N/A:P 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H