CVE-2026-11793
MediumCVSS 4.9Exploitation Probability (EPSS)
Low risk25th percentile - higher than 25% of all known CVEs
Summary
A stack buffer overflow was discovered in 389 Directory Server in the checkPrefix() function in pw.c. It copies an attacker-controlled algorithm ID into a 256-byte stack buffer without bounds checking when parsing reversible-encrypted attribute values.
Risk Assessment
An attacker with Directory Manager privileges can crash the LDAP server by storing a crafted credential with an oversized algorithm ID. FORTIFY_SOURCE mitigates this to denial of service only.
Recommendation
Update 389 Directory Server to the latest patched version immediately. Restrict Directory Manager account access to trusted administrators only.
Original NVD description (English source)
A stack buffer overflow flaw was found in 389 Directory Server. The checkPrefix() function in pw.c copies an attacker-controlled algorithm ID into a 256-byte stack buffer without bounds checking when parsing reversible-encrypted attribute values. An attacker with Directory Manager privileges can crash the LDAP server by storing a crafted credential with an oversized algorithm ID. FORTIFY_SOURCE mitigates this to denial of service only.

