abbra / slapi-nis

Forked from slapi-nis 6 years ago
Clone

c7417ea CVE-2021-3480: invalid bind DN crash

Authored and Committed by abbra 2 years ago
    CVE-2021-3480: invalid bind DN crash
    
    For certain LDAP bind operations 389-ds would pass unvalidated bind DN
    to bind plugins. A first attempt to normalize the DN would find that out
    and should reject the request.
    
    Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com>
    
        
file modified
+5 -0