Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The acllas__handle_group_entry function in servers/plugins/acl/acllas.c in 389 Directory Server before 1.2.10 does not properly handled access control instructions (ACIs) that use certificate groups, which allows remote authenticated LDAP users with a certificate group to cause a denial of service (infinite loop and CPU consumption) by binding to the server.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
389 Directory Server拒绝服务漏洞
Vulnerability Description
Red Hat 389 Directory Server(前称Fedora Directory Server)是美国红帽(Red Hat)公司的一款企业级的Linux目录服务器。该服务器完全支持LDAPv3规范,具有可扩展、多主复制等特点。 389 Directory Server 1.2.10之前版本中存在漏洞,恶意用户可利用该漏洞导致DoS(拒绝服务)。该漏洞源于处理某些证书组时,"acllas__handle_group_entry()"函数(servers/plugins/acl/acllas.c
CVSS Information
N/A
Vulnerability Type
N/A