CVE-2026-9064 389-ds-base: 389-ds-base: unbounded ldap controls count in get_ldapmessage_controls_ext() causes cpu and heap amplification (remote dos)

A flaw was found in 389-ds-base. The getldapmessagecontrolsext function in the LDAP server does not enforce an upper bound on the number of controls per LDAP message. A remote, unauthenticated attacker can send a specially crafted LDAP request containing hundreds of thousands of minimal controls...

CVE-2026-9064

A flaw was found in 389-ds-base. The getldapmessagecontrolsext function in the LDAP server does not enforce an upper bound on the number of controls per LDAP message. A remote, unauthenticated attacker can send a specially crafted LDAP request containing hundreds of thousands of minimal controls...

CVE-2026-9064 389-ds-base: 389-ds-base: unbounded ldap controls count in get_ldapmessage_controls_ext() causes cpu and heap amplification (remote dos)

A flaw was found in 389-ds-base. The getldapmessagecontrolsext function in the LDAP server does not enforce an upper bound on the number of controls per LDAP message. A remote, unauthenticated attacker can send a specially crafted LDAP request containing hundreds of thousands of minimal controls...

CVE-2026-9064

A flaw was found in 389-ds-base. The getldapmessagecontrolsext function in the LDAP server does not enforce an upper bound on the number of controls per LDAP message. A remote, unauthenticated attacker can send a specially crafted LDAP request containing hundreds of thousands of minimal controls...

CVE-2010-0358

Heap-based buffer overflow in the server in IBM Lotus Domino 7 and 8.5 FP1 allows remote attackers to cause a denial of service daemon exit and possibly have unspecified other impact via a long string in a crafted LDAP message to a TCP port, a different vulnerability than CVE-2009-3087...

EUVD-2010-0389

Malware in sbrugna...

Sun Directory Server LDAP Denial of Service (CVE-2006-0647)

Sun Directory Server is a distributed directory server based on the Lightweight Directory Access Protocol LDAP. The server listens for LDAP requests on a port specified during installation. The default port assigned to the server during installation is randomly selected. There exists a...

Heap overflow

Heap-based buffer overflow in the server in IBM Lotus Domino 7 and 8.5 FP1 allows remote attackers to cause a denial of service daemon exit and possibly have unspecified other impact via a long string in a crafted LDAP message to a TCP port, a different vulnerability than CVE-2009-3087...

Update Protection against Sun Directory Server LDAP Denial of Service

There exists a vulnerability in the Sun Directory Server. The flaw is caused due to improper handling of certain overly large LDAP messages. An unauthenticated remote attacker may exploit this vulnerability by sending a crafted LDAP message to the target host which may terminate the affected LDAP...

CVE-2003-0663

Unknown vulnerability in the Local Security Authority Subsystem Service LSASS in Windows 2000 domain controllers allows remote attackers to cause a denial of service via a crafted LDAP message...