Описание
ELSA-2012-0683: bind-dyndb-ldap security update (IMPORTANT)
[0.2.0-7.1]
- fix for CVE-2012-2134
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
bind-dyndb-ldap
0.2.0-7.el6_2.1
Oracle Linux i686
bind-dyndb-ldap
0.2.0-7.el6_2.1
Связанные CVE
Связанные уязвимости
The handle_connection_error function in ldap_helper.c in bind-dyndb-ldap before 1.1.0rc1 does not properly handle LDAP query errors, which allows remote attackers to cause a denial of service (infinite loop and named server hang) via a non-alphabet character in the base DN in an LDAP search DNS query.
The handle_connection_error function in ldap_helper.c in bind-dyndb-ldap before 1.1.0rc1 does not properly handle LDAP query errors, which allows remote attackers to cause a denial of service (infinite loop and named server hang) via a non-alphabet character in the base DN in an LDAP search DNS query.
The handle_connection_error function in ldap_helper.c in bind-dyndb-ld ...
The handle_connection_error function in ldap_helper.c in bind-dyndb-ldap before 1.1.0rc1 does not properly handle LDAP query errors, which allows remote attackers to cause a denial of service (infinite loop and named server hang) via a non-alphabet character in the base DN in an LDAP search DNS query.