The handle_connection_error function in ldap_helper.c in bind-dyndb-ldap before 1.1.0rc1 does not properly handle LDAP query errors, which allows remote attackers to cause a denial of service (infinite loop and named server hang) via a non-alphabet character in the base DN in an LDAP search DNS query.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2014-02-26T15:00:00
Updated: 2024-08-06T19:26:08.509Z
Reserved: 2012-04-04T00:00:00
Link: CVE-2012-2134
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2014-02-26T15:55:08.877
Modified: 2014-03-10T19:18:05.667
Link: CVE-2012-2134
Redhat