Back to bug 1299416
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Adam Mariš | 2016-01-18 10:29:03 UTC | Depends On | 1299417 | |
| Adam Mariš | 2016-01-18 10:29:12 UTC | Depends On | 1299418 | |
| Adam Mariš | 2016-01-18 10:38:15 UTC | Blocks | 1299421 | |
| Noriko Hosoi | 2016-01-18 18:00:34 UTC | Status | NEW | POST |
| Noriko Hosoi | 2016-01-18 18:07:01 UTC | CC | amaris | |
| Flags | needinfo?(amaris) | |||
| Adam Mariš | 2016-01-19 08:58:03 UTC | Depends On | 1299757 | |
| Adam Mariš | 2016-01-19 08:58:08 UTC | Depends On | 1299758 | |
| Adam Mariš | 2016-01-19 08:59:19 UTC | Whiteboard | impact=important,public=20160115,reported=20160115,source=redhat,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,rhel-6/389-ds-base=notaffected,rhel-7/389-ds-base=affected,fedora-all/389-ds-base=affected,epel-5/389-ds-base=affected | impact=important,public=20160115,reported=20160115,source=redhat,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,rhel-6/389-ds-base=notaffected,rhel-7/389-ds-base=affected,fedora-all/389-ds-base=affected,epel-5/389-ds-base=notaffected |
| Flags | needinfo?(amaris) | |||
| Tomas Hoger | 2016-01-22 13:35:27 UTC | Status | POST | NEW |
| Fixed In Version | 389-ds-base 1.3.4.7 | |||
| Doc Text | It was discovered that the 389 directory server failed to correctly handle unexpectedly closed client connections. A remote attacker able to connect to the server could use this flaw to make the directory server consume an excessive amount of CPU and stop accepting connections. | |||
| Summary | CVE-2016-0741 389-ds-base: Worker threads do not detect abnormally closed connections causing DoS | CVE-2016-0741 389-ds-base: worker threads do not detect abnormally closed connections causing DoS | ||
| Whiteboard | impact=important,public=20160115,reported=20160115,source=redhat,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,rhel-6/389-ds-base=notaffected,rhel-7/389-ds-base=affected,fedora-all/389-ds-base=affected,epel-5/389-ds-base=notaffected | impact=important,public=20160115,reported=20160115,source=redhat,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cwe=CWE-772->CWE-835,rhel-6/389-ds-base=notaffected,rhel-7/389-ds-base=affected,fedora-all/389-ds-base=affected,epel-5/389-ds-base=notaffected | ||
| Viktor Ashirov | 2016-01-25 12:13:49 UTC | CC | vashirov | |
| Flags | needinfo?(nhosoi) | |||
| Tomas Hoger | 2016-01-25 12:18:51 UTC | Flags | needinfo?(nhosoi) | |
| Summer Long | 2016-01-27 23:54:07 UTC | CC | slong | |
| Doc Text | It was discovered that the 389 directory server failed to correctly handle unexpectedly closed client connections. A remote attacker able to connect to the server could use this flaw to make the directory server consume an excessive amount of CPU and stop accepting connections. | An infinite-loop vulnerability was discovered in the 389 directory server, where the server failed to correctly handle unexpectedly closed client connections. A remote attacker able to connect to the server could use this flaw to make the directory server consume an excessive amount of CPU and stop accepting connections (denial of service). | ||
| Viktor Ashirov | 2016-02-08 09:08:12 UTC | Status | NEW | VERIFIED |
| Tomas Hoger | 2016-02-08 09:35:29 UTC | Status | VERIFIED | NEW |
| German Parente | 2016-02-10 08:17:46 UTC | CC | gparente | |
| Tomas Hoger | 2016-02-16 13:41:12 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2016-02-16 08:41:12 UTC | |||
| Adam Mariš | 2016-11-08 15:56:22 UTC | CC | amaris | |
| Product Security DevOps Team | 2019-09-29 13:42:36 UTC | Whiteboard | impact=important,public=20160115,reported=20160115,source=redhat,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cwe=CWE-772->CWE-835,rhel-6/389-ds-base=notaffected,rhel-7/389-ds-base=affected,fedora-all/389-ds-base=affected,epel-5/389-ds-base=notaffected | |
| Simon Pichugin | 2020-09-13 21:38:16 UTC | Link ID | Github 389ds/389-ds-base/issues/1743 |
Back to bug 1299416