Sumit Bose discovered that FreeIPA's directory server (dirsrv) would segfault if an unauthenicated user attempted to connect to it with a missing username/dn. According to RFC 3062, connecting without specifying the username/dn is valid.
Acknowledgements:
This issue was discovered by Sumit Bose of Red Hat.
CVE-2013-0336
master: 7b45e33
ipa-3-1: 193192a
Metadata Update from @rcritten: - Issue assigned to sbose - Issue set to the milestone: FreeIPA 3.2 - 2013/04-05 (GA)
Login to comment on this ticket.