CVE-2012-0833 - Perfervid Hospital

Description

The acllas__handle_group_entry function in servers/plugins/acl/acllas.c in 389 Directory Server before 1.2.10 does not properly handled access control instructions (ACIs) that use certificate groups which allows remote authenticated LDAP users with a certificate group to cause a denial of service (infinite loop and CPU consumption) by binding to the server.

Reference

http://rhn.redhat.com/errata/RHSA-2012-0813.html http://secunia.com/advisories/49562 https://fedorahosted.org/389/ticket/162 https://fedorahosted.org/389/changeset/1bbbb3e5049c1aa0650546efab87ed2f1ea59637/389-ds-base http://secunia.com/advisories/48035