An invalid pointer dereference flaw was found in the way 389-ds-base handled LDAP bind requests. A remote unauthenticated attacker could use this flaw to make ns-slapd crash via a specially crafted LDAP bind request, resulting in denial of service.
Acknowledgments: Name: Joachim Jabs (F24)
Created 389-ds-base tracking bugs for this issue: Affects: fedora-all [bug 1440613]
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2017:0893 https://access.redhat.com/errata/RHSA-2017:0893
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2017:0920 https://access.redhat.com/errata/RHSA-2017:0920
For tracking: upstream ticket https://pagure.io/389-ds-base/issue/49220