CVE-2019-3883

Priority
Description
In 389-ds-base up to version 1.4.1.2, requests are handled by worker
threads. A worker waits on each socket for at most 'ioblocktimeout'
seconds. However, this timeout applies only to unencrypted requests.
Connections using SSL/TLS do not take this timeout into account during
reads and may hang longer. An unauthenticated attacker could repeatedly
create hanging LDAP requests to hang all the workers, resulting in a
Denial of Service.
Package
Upstream: needs-triage
Ubuntu 12.04 ESM (Precise Pangolin): DNE
Ubuntu 14.04 ESM (Trusty Tahr): DNE (trusty was needs-triage)
Ubuntu 16.04 LTS (Xenial Xerus): needs-triage
Ubuntu 18.04 LTS (Bionic Beaver): needs-triage
Ubuntu 18.10 (Cosmic Cuttlefish): ignored (reached end-of-life)
Ubuntu 19.04 (Disco Dingo): needs-triage
Ubuntu 19.10 (Eoan): needs-triage

Updated: 2019-07-18 17:43:18 UTC (commit 649f8c6455205380e35ed054e9ea734222c716bb)