Denial of Service Vulnerability in 389 Directory Server by Red Hat
CVE-2011-0019

Currently unrated

Key Information:

Vendor: Fedoraproject
Status: 389 Directory Server
Vendor: CVE Published:; 23 February 2011

Summary

The 389 Directory Server version 1.2.7.5, also known as Red Hat Directory Server 8.2.x, is susceptible to a vulnerability that arises from its improper handling of simple paged result searches. This flaw can be exploited by remote attackers, allowing them to initiate multiple search requests that may lead to a denial of service condition by crashing the server's daemon. Consequently, this could disrupt the normal operation of the server and potentially impact other services, making this vulnerability critical to address.

References

http://www.securitytracker.com/id?1025102

vdb-entryx_refsource_SECTRACK

https://bugzilla.redhat.com/show_bug.cgi?id=666076

x_refsource_CONFIRM

https://bugzilla.redhat.com/show_bug.cgi?id=670914

x_refsource_CONFIRM

Timeline

Vulnerability published
Feb 23, 2011
Vulnerability Reserved
Dec 7, 2010