3 matches found
SUSE CVE-2019-3883
In 389-ds-base up to version 1.4.1.2, requests are handled by workers threads. Each sockets will be waited by the worker for at most 'ioblocktimeout' seconds. However this timeout applies only for un-encrypted requests. Connections using SSL/TLS are not taking this timeout into account during...
UBUNTU-CVE-2019-3883
In 389-ds-base up to version 1.4.1.2, requests are handled by workers threads. Each sockets will be waited by the worker for at most 'ioblocktimeout' seconds. However this timeout applies only for un-encrypted requests. Connections using SSL/TLS are not taking this timeout into account during...
PT-2019-16752 · Red Hat +4 · 389-Ds-Base +5
Name of the Vulnerable Software and Affected Versions: 389-ds-base versions 1.4.1.2 and earlier Description: The issue allows an unauthenticated attacker to create hanging LDAP requests, potentially hanging all worker threads and resulting in a Denial of Service. This occurs because connections...