CVE-2013-0336

Name of the Vulnerable Software and Affected Versions FreeIPA versions prior to 3.2.0

Description The issue allows remote attackers to cause a denial of service, resulting in a crash, by sending a connection request without a username or dn. This is related to the 389 directory server.

Recommendations For versions prior to 3.2.0, update to version 3.2.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the ipapwd chpwop function in the directory server until a patch is available.