CVE-2012-0833

The acllas__handle_group_entry function in servers/plugins/acl/acllas.c in 389 Directory Server before 1.2.10 does not properly handled access control instructions (ACIs) that use certificate groups, which allows remote authenticated LDAP users with a certificate group to cause a denial of service (infinite loop and CPU consumption) by binding to the server.

🔗 References (10)

• secalert@redhathttp://rhn.redhat.com/errata/RHSA-2012-0813.html
• secalert@redhathttp://secunia.com/advisories/48035
• secalert@redhathttp://secunia.com/advisories/49562
• secalert@redhathttps://fedorahosted.org/389/changeset/1bbbb3e5049c1aa0650546efab87ed2f1ea59637/389-ds-base
• secalert@redhathttps://fedorahosted.org/389/ticket/162
• af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2012-0813.html
• af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/48035
• af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/49562
• af854a3a-2127-422b-91ae-364da2661108https://fedorahosted.org/389/changeset/1bbbb3e5049c1aa0650546efab87ed2f1ea59637/389-ds-base
• af854a3a-2127-422b-91ae-364da2661108https://fedorahosted.org/389/ticket/162