N/A

A vulnerability was discovered in 389-ds-base through versions 1.3.7.10, 1.3.8.8 and 1.4.0.16. The lock controlling the error log was not correctly used when re-opening the log file in log__error_emergency(). An attacker could send a flood of modifications to a very large DN, which would cause slapd to crash.

N/A

输入验证不恰当

389-ds-base和merge 输入验证错误漏洞

389-ds-base是一个高度可用、功能齐全、可靠且安全的 LDAP 服务器实现。它处理世界上许多最大的 LDAP 部署。 389-ds-base 1.3.7.10版本, 1.3.8.8版本和1.4.0.16版本存在输入验证错误漏洞，该漏洞源于在重新打开日志文件时，未正确使用控制错误日志的锁。攻击者利用该漏洞可以导致拒绝服务。

N/A

N/A