Unrated severityNVD Advisory· Published Nov 3, 2014· Updated May 6, 2026

CVE-2013-0336

Description

The ipapwd_chpwop function in daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c in the directory server (dirsrv) in FreeIPA before 3.2.0 allows remote attackers to cause a denial of service (crash) via a connection request without a username/dn, related to the 389 directory server.

Affected products

Red Hat/Freeipa8 versions
cpe:2.3:a:redhat:freeipa:*:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:redhat:freeipa:*:*:*:*:*:*:*:*range: <=3.1.5
- cpe:2.3:a:redhat:freeipa:3.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:freeipa:3.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:freeipa:3.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:freeipa:3.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:freeipa:3.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:freeipa:3.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:freeipa:3.1.4:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

fedorahosted.org/freeipa/ticket/3539nvdPatch
git.fedorahosted.org/cgit/freeipa.git/commit/nvdExploitPatch
secunia.com/advisories/52763nvd
www.securityfocus.com/bid/58747nvd
bugzilla.redhat.com/show_bug.cginvd
exchange.xforce.ibmcloud.com/vulnerabilities/83132nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000