Bug 787014 - (CVE-2012-0833) CVE-2012-0833 389: denial of service when using certificate groups
Status: CLOSED ERRATA
Product: Security Response
Classification: Other
Component: vulnerability
unspecified
All Linux
low Severity low
Assigned To: Red Hat Product Security
impact=low,public=20120105,reported=2...
: Security
Depends On: 781519 890944
Blocks: 784298 790261
Reported: 2012-02-02 17:03 EST by Vincent Danen
Modified: 2015-08-22 02:24 EDT

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
see https://bugzilla.redhat.com/show_bug.cgi?id=781519
Story Points: ---
Clone Of:
: 890944
Environment:
Last Closed: 2015-08-22 02:24:40 EDT
Description Vincent Danen 2012-02-02 17:03:00 EST
A flaw was found [1] in the way 389 handled certificate groups with authentication.  If a 389 server were configured to use certificate groups, and had an aci that included a certificate group, it would be possible for a remote, authenticated user to cause 389 to enter an infinite loop and consume all available CPU, causing it to stop responding to further requests.

This has been resolved in upstream git [2].

[1] https://fedorahosted.org/389/ticket/162
[2] https://fedorahosted.org/389/changeset/1bbbb3e5049c1aa0650546efab87ed2f1ea59637/389-ds-base
Comment 3 Kurt Seifried 2012-02-03 03:51:57 EST
Corrected CVE typo
Comment 7 Murray McAllister 2012-06-15 08:08:10 EDT
Acknowledgements:

Red Hat would like to thank Graham Leggett for reporting this issue.
Comment 8 errata-xmlrpc 2012-06-20 03:13:12 EDT
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6

Via RHSA-2012:0813 https://rhn.redhat.com/errata/RHSA-2012-0813.html
Comment 10 Vincent Danen 2013-02-21 11:14:15 EST
Statement:

(none)
Comment 11 errata-xmlrpc 2013-02-21 14:04:19 EST
This issue has been addressed in the following products:

  Red Hat Directory Server 8 for RHEL 5

Via RHSA-2013:0549 https://rhn.redhat.com/errata/RHSA-2013-0549.html