#49661 CVE-2018-1089 389-ds-base: ns-slapd crash via large filter value in ldapsearch
Closed: fixed 2 years ago Opened 2 years ago by mreynolds.

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1559819

It is possible to crash ns-slapd (and ipa-dnskeysyncd afterwards) with a crafted ldapsearch query with a very long filter value, as either an anonymous or an authenticated user. The crash can similarly be triggered with a query via the FreeIPA API as an authenticated user.

Metadata Update from @mreynolds:
- Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1559819

2 years ago

Metadata Update from @mreynolds:
- Issue assigned to mreynolds

2 years ago

d77c7f0..9d8d096 master -> master

eb08d43..a589008 389-ds-base-1.3.8 -> 389-ds-base-1.3.8

8bdcfa4..056d75c 389-ds-base-1.3.7 -> 389-ds-base-1.3.7

99ba446..62ac4ec 389-ds-base-1.3.6 -> 389-ds-base-1.3.6

f4a76bb..2728983 389-ds-base-1.2.11 -> 389-ds-base-1.2.11

Metadata Update from @mreynolds:
- Custom field component adjusted to None
- Custom field origin adjusted to None
- Custom field reviewstatus adjusted to None
- Custom field type adjusted to None
- Custom field version adjusted to None
- Issue close_status updated to: fixed
- Issue set to the milestone: 1.2.11 (was: 0.0 NEEDS_TRIAGE)
- Issue status updated to: Closed (was: Open)

2 years ago
