389 Directory Server LDAP Control Data Handling Denial
389 Directory Server LDAP Control Data Handling Denial of Service Vulnerability
Release Date : 2013-03-12
Criticality level : Less critical
Impact : DoS
Where : From local network
Solution Status : Vendor Patch
Software: 389 Directory Server (formerly known as Fedora Directory Server) 1.x
A vulnerability has been reported in 389 Directory Server, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to an error when handling LDAP control data, which can be exploited to crash the server by sending a specially crafted LDAP control sequence.
The vulnerability is reported in versions prior to 22.214.171.124.
Update to version 126.96.36.199.
Provided and/or discovered by:
The vendor credits Thierry Bordaz, Red Hat.