Skip to content

ReDoS in LDAP schema parser

Moderate severity GitHub Reviewed Published Nov 26, 2021 in python-ldap/python-ldap • Updated Jan 9, 2023

Package

pip python-ldap (pip)

Affected versions

< 3.4.0

Patched versions

3.4.0

Description

python-ldap/python-ldap#424

Impact

The LDAP schema parser of python-ldap 3.3.1 and earlier are vulnerable to a regular expression denial-of-service attack. The issue affects clients that use ldap.schema package to parse LDAP schema definitions from an untrusted source.

Patches

The upcoming release of python-ldap 3.4.0 will contain a workaround to prevent ReDoS attacks. The schema parser refuses schema definitions with an excessive amount of backslashes.

Workarounds

As a workaround, users can check input for excessive amount of backslashes in schemas. More than a dozen backslashes per line are atypical.

References

CWE-1333

For more information

If you have any questions or comments about this advisory:

References

@encukou encukou published to python-ldap/python-ldap Nov 26, 2021
Reviewed Nov 26, 2021
Published to the GitHub Advisory Database Nov 29, 2021
Last updated Jan 9, 2023

Severity

Moderate
6.5
/ 10

CVSS base metrics

Attack vector
Network
Attack complexity
Low
Privileges required
Low
User interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Weaknesses

CVE ID

No known CVE

GHSA ID

GHSA-r8wq-qrxc-hmcm

Source code

Checking history
See something to contribute? Suggest improvements for this vulnerability.