RHEL 8 : 389-ds (RHSA-2024:4235)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4235 advisory. 389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP...

CVE-2024-2199 389-ds-base: malformed userpassword may cause crash at do_modify in slapd/modify.c

A denial of service vulnerability was found in 389-ds-base ldap server. This issue may allow an authenticated user to cause a server crash while modifying userPassword using malformed input...