SUSE CVE-2015-1827

The getusergrouplist function in the extdom plug-in in FreeIPA before 4.1.4 does not properly reallocate memory when processing user accounts, which allows remote attackers to cause a denial of service crash via a group list request for a user that belongs to a large number of groups...

Red Hat FreeIPA extdom plugin denial of service vulnerability

Red Hat FreeIPA is an integrated security information management solution from Red Hat that provides an easy-to-manage identity, policy and audit IPA suite for Linux and Unix computer networks. extdom is a directory server plug-in. A security vulnerability in the 'getusergrouplist' function in...

ipa: memory corruption when using get_user_grouplist()

It was discovered that the IPA extdom Directory Server plug-in did not correctly perform memory reallocation when handling user account information. A request for a list of groups for a user that belongs to a large number of groups would cause a Directory Server to crash...

PT-2015-5460 · Red Hat +1 · Freeipa +2

Name of the Vulnerable Software and Affected Versions: FreeIPA versions prior to 4.1.4 Description: The issue is related to the get user grouplist function in the extdom plug-in, which does not properly reallocate memory when processing user accounts. This allows remote attackers to cause a denia...

ipa and slapi-nis security and bug fix update

ipa 4.1.0-18.0.1.el71.3 - Replace login-screen-logo.png 20362818 - Drop subscription-manager requires for OL7 - Drop redhat-access-plugin-ipa requires for OL7 - Blank out header-logo.png product-name.png 4.1.0-18.3 - ipa-python ipalib.errors.LDAPError: failed to decode certificate:...

Scientific Linux Security Update : ipa on SL7.x x86_64 (20150305)

Two cross-site scripting XSS flaws were found in jQuery, which impacted the Identity Management web administrative interface, and could allow an authenticated user to inject arbitrary HTML or web script into the interface. CVE-2010-5312, CVE-2012-6662 Note: The IdM version provided by this update...