CVE-2012-0833

The acllas__handle_group_entry function in servers/plugins/acl/acllas.c in 389 Directory Server before 1.2.10 does not properly handled access control instructions (ACIs) that use certificate groups, which allows remote authenticated LDAP users with a certificate group to cause a denial of service (infinite loop and CPU consumption) by binding to the server.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
2.3 UNKNOWN
ADJACENT_NETWORK
MEDIUM
AV:A/AC:M/Au:S/C:N/I:N/A:P
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 60%
VendorProductVersion
fedoraproject389_directory_server
𝑥
≤ 1.2.10
fedoraproject389_directory_server
1.2.1
fedoraproject389_directory_server
1.2.2
fedoraproject389_directory_server
1.2.3
fedoraproject389_directory_server
1.2.5
fedoraproject389_directory_server
1.2.5:rc1
fedoraproject389_directory_server
1.2.5:rc2
fedoraproject389_directory_server
1.2.5:rc3
fedoraproject389_directory_server
1.2.5:rc4
fedoraproject389_directory_server
1.2.6
fedoraproject389_directory_server
1.2.6:a2
fedoraproject389_directory_server
1.2.6:a3
fedoraproject389_directory_server
1.2.6:a4
fedoraproject389_directory_server
1.2.6:rc1
fedoraproject389_directory_server
1.2.6:rc2
fedoraproject389_directory_server
1.2.6:rc3
fedoraproject389_directory_server
1.2.6:rc6
fedoraproject389_directory_server
1.2.6:rc7
fedoraproject389_directory_server
1.2.6.1
fedoraproject389_directory_server
1.2.7:alpha3
fedoraproject389_directory_server
1.2.7.5
fedoraproject389_directory_server
1.2.8:alpha1
fedoraproject389_directory_server
1.2.8:alpha2
fedoraproject389_directory_server
1.2.8:alpha3
fedoraproject389_directory_server
1.2.8:rc1
fedoraproject389_directory_server
1.2.8:rc2
fedoraproject389_directory_server
1.2.8.1
fedoraproject389_directory_server
1.2.8.2
fedoraproject389_directory_server
1.2.8.3
fedoraproject389_directory_server
1.2.9.9
fedoraproject389_directory_server
1.2.10:alpha8
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
389-ds-base
bullseye
1.4.4.11-2
fixed
bookworm
2.3.1+dfsg1-1
fixed
sid
3.1.1+dfsg1-2
fixed
trixie
3.1.1+dfsg1-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
389-ds-base
trusty
dne
saucy
ignored
raring
ignored
quantal
ignored
precise
not-affected
oneiric
dne
natty
dne
lucid
dne
hardy
dne
Common Weakness Enumeration
References
http://rhn.redhat.com/errata/RHSA-2012-0813.html
http://secunia.com/advisories/48035
http://secunia.com/advisories/49562
https://fedorahosted.org/389/changeset/1bbbb3e5049c1aa0650546efab87ed2f1ea59637/389-ds-base
https://fedorahosted.org/389/ticket/162
http://rhn.redhat.com/errata/RHSA-2012-0813.html
http://secunia.com/advisories/48035
http://secunia.com/advisories/49562
https://fedorahosted.org/389/changeset/1bbbb3e5049c1aa0650546efab87ed2f1ea59637/389-ds-base
https://fedorahosted.org/389/ticket/162