Red Hat Bugzilla – Bug 999634
CVE-2013-4283 389-ds-base: ns-slapd crash due to bogus DN
Last modified: 2015-10-15 13:57:20 EDT
It was discovered that ns-slapd in 389 suffered from a flaw where a remote unauthenticated user able to send a MOD operation on a bogus DN to the 389 Directory Server and cause it to crash.
This issue does not affect Red Hat Directory Server 8.
Created 389-ds-base tracking bugs for this issue:
Affects: fedora-all [bug 1002215]
Affects: epel-5 [bug 1002216]
This issue has been addressed in following products:
Red Hat Enterprise Linux 6
Via RHSA-2013:1182 https://rhn.redhat.com/errata/RHSA-2013-1182.html
389-ds-base-220.127.116.11-1.fc18 has been pushed to the Fedora 18 stable repository. If problems still persist, please make note of it in this bug report.
389-ds-base-18.104.22.168-1.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.