A vulnerability was discovered in the 389 Directory Server that allows an unauthenticated attacker with network access to the LDAP port to cause a denial of service. The denial of service is triggered by a single message sent over a TCP connection, no bind or other authentication is required. The message triggers a segmentation fault that results in slapd crashing. (CVE-2022-0918) A vulnerability was found in the 389 Directory Server that allows expired passwords to access the database to cause improper authentication. (CVE-2022-0996)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 8 | noarch | 389-ds-base | < 1.4.0.26-8.4 | 389-ds-base-1.4.0.26-8.4.mga8 |