Download
| Alert*
|
oval:org.secpod.oval:def:1600953
It was found that a specially crafted search query could lead to excessive CPU consumption in the do_search function. An unauthenticated attacker could use this flaw to provoke a denial of service. oval:org.secpod.oval:def:1600939 A vulnerability was discovered in 389-ds-base. The lock controlling the error log was not correctly used when re-opening the log file in log__error_emergency. An attacker could send a flood of modifications to a very large DN, which would cause slapd to crash.A race condition was found in the way 38 ... oval:org.secpod.oval:def:204879 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Security Fix: * 389-ds-base: race condition on reference counter leads to DoS using persistent search * 389- ... oval:org.secpod.oval:def:1502319 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:502364 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Security Fix: * 389-ds-base: race condition on reference counter leads to DoS using persistent search * 389- ... oval:org.secpod.oval:def:1700016 Authentication bypass due to lack of size check in slapi_ct_memcmp function in ch_malloc.c:It was found that 389-ds-base did not always handle internal hash comparison operations correctly during the authentication process. A remote, unauthenticated attacker could potentially use this flaw to bypass ... oval:org.secpod.oval:def:1700008 Remote DoS via search filters in slapi_filter_sprintf in slapd/util.cA stack buffer overflow flaw was found in the way 389-ds-base handled certain LDAP search filters. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus ... |
