A flaw was found [1] in the way 389 handled certificate groups with authentication. If a 389 server were configured to use certificate groups, and had an aci that included a certificate group, it would be possible for a remote, authenticated user to cause 389 to enter an infinite loop and consume all available CPU, causing it to stop responding to further requests. This has been resolved in upstream git [2].

[1] https://fedorahosted.org/389/ticket/162
[2] https://fedorahosted.org/389/changeset/1bbbb3e5049c1aa0650546efab87ed2f1ea59637/389-ds-base
Corrected CVE typo
Acknowledgements: Red Hat would like to thank Graham Leggett for reporting this issue.
This issue has been addressed in the following products:
Red Hat Enterprise Linux 6
Via RHSA-2012:0813 https://rhn.redhat.com/errata/RHSA-2012-0813.html
Statement: (none)
This issue has been addressed in the following products:
Red Hat Directory Server 8 for RHEL 5
Via RHSA-2013:0549 https://rhn.redhat.com/errata/RHSA-2013-0549.html