PT-2008-4690 · Red Hat+2 · Red Hat Directory Server+2
Published: 2008-08-29 · Updated: 2017-09-29
CVE-2008-3283
CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions:
Red Hat Directory Server versions 7.1 before SP7
Red Hat Directory Server version 8
Fedora Directory Server version 1.1.1 and earlier
Description:
The issue involves multiple memory leaks that can be exploited by remote attackers to cause a denial of service through memory consumption. This can be achieved via vectors involving the authentication / bind phase and anonymous LDAP search requests.
Recommendations:
For Red Hat Directory Server versions 7.1 before SP7, update to SP7 or later to resolve the issue.
For Red Hat Directory Server version 8, consider applying a patch or update when available.
For Fedora Directory Server version 1.1.1 and earlier, update to a version later than 1.1.1 to mitigate the risk.
As a temporary workaround, consider restricting anonymous LDAP search requests to minimize the risk of exploitation.
Fix
DoS
Affected products
Fedora Directory Server
HP-UX
Red Hat Directory Server