Nathan Kinder discovered that Red Hat / Fedora Directory Server uses fixed-size buffer for storing regular expressions used in LDAP searches. This buffer can overflow when search pattern from user-supplied LDAP request is translated into a regular expression, resulting in a slapd daemon crash, or, possibly, arbitrary code execution. This issue can be triggered by any user permitted to perform LDAP searches, including anonymous user if anonymous access is permitted by ACLs (permitted by default). Affected versions: Red Hat Directory Server 7.1 Red Hat Directory Server 8 Fedora Directory Server 1.1
https://access.redhat.com/security/cve/CVE-2008-1677