From ${URL} : Description A vulnerability has been reported in 389 Directory Server, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error when handling modify requests and can be exploited to cause a crash by sending a modify request with an invalid DN. The vulnerability is reported in versions prior to 1.3.0.8. Solution: Update to version 1.3.0.8. Further details available to Secunia VIM customers Provided and/or discovered by: Reported by the vendor. Original Advisory: http://directory.fedoraproject.org/wiki/Releases/1.3.0.8 https://bugzilla.redhat.com/show_bug.cgi?id=999634 @maintainer(s): after the bump, in case we need to stabilize the package, please say explicitly if it is ready for the stabilization or not.
CVE-2013-4283 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4283): ns-slapd in 389 Directory Server before 1.3.0.8 allows remote attackers to cause a denial of service (server crash) via a crafted Distinguished Name (DN) in a MOD operation request.
Hi, We have updated 389-ds-base to 1.3.4.7. This should resolve the issue. Thanks,
Referenced commit 5a7174bf7122309eee568651fb5f3413155f9fc2
no vulnerable versions from this bug in tree.
