← volver
CVE-2012-0833

CVE-2012-0833

EPSS 0.9%
The acllas__handle_group_entry function in servers/plugins/acl/acllas.c in 389 Directory Server before 1.2.10 does not properly handled access control instructions (ACIs) that use certificate groups, which allows remote authenticated LDAP users with a certificate group to cause a denial of service (infinite loop and CPU consumption) by binding to the server.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://rhn.redhat.com/errata/RHSA-2012-0813.htmlhttp://secunia.com/advisories/48035http://secunia.com/advisories/49562https://fedorahosted.org/389/changeset/1bbbb3e5049c1aa0650546efab87ed2f1ea59637/389-ds-basehttps://fedorahosted.org/389/ticket/162