Published: 03 July 2012
The acllas__handle_group_entry function in servers/plugins/acl/acllas.c in 389 Directory Server before 1.2.10 does not properly handled access control instructions (ACIs) that use certificate groups, which allows remote authenticated LDAP users with a certificate group to cause a denial of service (infinite loop and CPU consumption) by binding to the server.
Launchpad, Ubuntu, Debian
|Ubuntu 14.04 ESM (Trusty Tahr)||
Does not exist
(trusty was not-affected [220.127.116.11-0ubuntu3])