CVE-2011-1067
published 2011-02-23CVE-2011-1067: slapd (aka ns-slapd) in 389 Directory Server before 1.2.8.a2 does not properly manage the c_timelimit field of the connection table element, which allows…
medium5CVSS 3.1
AVNACLAuNCNINAP
slapd (aka ns-slapd) in 389 Directory Server before 1.2.8.a2 does not properly manage the c_timelimit field of the connection table element, which allows remote attackers to cause a denial of service (daemon outage) via Simple Paged Results connections, as demonstrated by using multiple processes to replay TCP sessions, a different vulnerability than CVE-2011-0019.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fedoraproject | 389_directory_server | <= 1.2.8 | — |
| fedoraproject | 389_directory_server | — | — |
| fedoraproject | 389_directory_server | — | — |
| fedoraproject | 389_directory_server | — | — |
| fedoraproject | 389_directory_server | — | — |
| fedoraproject | 389_directory_server | — | — |
| fedoraproject | 389_directory_server | — | — |
| fedoraproject | 389_directory_server | — | — |
| fedoraproject | 389_directory_server | — | — |