Fluid Attacks Database

Description

A flaw was found in the 389-ds-base LDAP Server. This issue occurs when issuing a Modify DN LDAP operation through the ldap protocol, when the function return value is not tested and a NULL pointer is dereferenced. If a privileged user performs a ldap MODDN operation after a failed operation, it could lead to a Denial of Service (DoS) or system crash.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 11	389-ds-base	=1.4.4.11-2 \|\| =1.4.4.11-2+deb11u1 \|\| =1.4.4.16-1 \|\| =1.4.4.17-1 \|\| =2.0.11-1 \|\| =2.0.11-2 \|\| =2.0.14-1 \|\| =2.0.15-1 \|\| =2.0.15-1.1 \|\| =2.3.1+dfsg1-1 \|\| =2.3.1-1 \|\| =2.3.4+dfsg1-1 \|\| =2.3.4+dfsg1-1.1 \|\| =2.4.4+dfsg1-1 \|\| =2.4.4+dfsg1-3 \|\| =2.4.5+dfsg1-1 \|\| =3.0.2+dfsg1-1 \|\| =3.1.1+dfsg1-1 \|\| =3.1.1+dfsg1-2 \|\| =3.1.1+dfsg1-3 \|\| =3.1.2+dfsg1-1 \|\| =3.1.2+vendor1-1 \|\| =3.1.2+vendor1-2	-
debian 12	389-ds-base	=2.3.1+dfsg1-1 \|\| =2.3.1+dfsg1-1+deb12u1 \|\| =2.3.4+dfsg1-1 \|\| =2.3.4+dfsg1-1.1 \|\| =2.4.4+dfsg1-1 \|\| =2.4.4+dfsg1-3 \|\| =2.4.5+dfsg1-1 \|\| =3.0.2+dfsg1-1 \|\| =3.1.1+dfsg1-1 \|\| =3.1.1+dfsg1-2 \|\| =3.1.1+dfsg1-3 \|\| =3.1.2+dfsg1-1 \|\| =3.1.2+vendor1-1 \|\| =3.1.2+vendor1-2	-
debian 13	389-ds-base	>=0 <3.1.2+dfsg1-1	3.1.2+dfsg1-1
rpm rhel9.4	389-ds-base	<0:2.4.5-14.el9_4	0:2.4.5-14.el9_4
rpm rhel9	389-ds-base	<0:2.5.2-9.el9_5 \|\| >=0:2.6.1, <0:2.6.1-8.el9_6	0:2.6.1-8.el9_6
rpm rhel6	389-ds-base	-	-
rpm rhel7	389-ds-base	-	-
rpm rhel8	389-ds-base	-	-

Aliases

1. CVE-2025-24872. NVD-2025-24873. OSV-DEBIAN-2025-24874. OSV-2025-24875. SECURITY-TRACKER-CVE-2025-2487

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.