Red Hat · 389-ds-base · CVE-2017-2668
Name of the Vulnerable Software and Affected Versions:
389-ds-base versions prior to 1.3.5.17
389-ds-base versions prior to 1.3.6.10
Description:
The issue is an invalid pointer dereference in the handling of LDAP bind requests. A remote unauthenticated attacker could send a specially crafted LDAP bind request to crash ns-slapd, resulting in denial of service.
Recommendations:
For versions prior to 1.3.5.17, update to version 1.3.5.17 or later.
For versions prior to 1.3.6.10, update to version 1.3.6.10 or later.
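
A branch-aware version check for the two fixed releases listed above, as an added example (not part of the original advisory or of the 389-ds-base project). The function names and sample strings are constructed, and the check compares the upstream version only: a distribution package that backports the fix under an older version number has to be checked against the vendor's own package advisory.

```python
import re

# Fixed release per branch, from the advisory text above.
FIXED = {(1, 3, 5): (1, 3, 5, 17), (1, 3, 6): (1, 3, 6, 10)}

_VERSION_RE = re.compile(r"(?<![\d.])(\d+(?:\.\d+){2,3})(?![\d.])")


def parse_version(text):
    """Return the upstream version in `text` as a 4-tuple of ints.

    Accepts a bare version ("1.3.5.16") or a package-style string
    ("389-ds-base-1.3.6.9-1"); a release suffix after the dash is ignored.
    """
    match = _VERSION_RE.search(text)
    if match is None:
        raise ValueError(f"no dotted version found in {text!r}")
    parts = tuple(int(p) for p in match.group(1).split("."))
    return parts + (0,) * (4 - len(parts))


def is_affected(version_text):
    """True if the upstream version predates the fix for CVE-2017-2668."""
    version = parse_version(version_text)
    branch = version[:3]
    if branch in FIXED:
        # Compare inside the branch: 1.3.5.17 is fixed although it sorts
        # below 1.3.6.10, and 1.3.6.9 is affected although above 1.3.5.17.
        return version < FIXED[branch]
    # Older branches predate both fixes; later ones follow 1.3.6.10.
    return branch < (1, 3, 5)


if __name__ == "__main__":
    # Constructed sample inputs, not taken from any real host.
    for sample in ("1.3.5.2", "1.3.5.17", "389-ds-base-1.3.6.9-1", "1.3.6.10"):
        state = "affected" if is_affected(sample) else "fixed"
        print(f"{sample}: {state}")
```

Components are compared as integers, so 1.3.5.2 is correctly treated as older than 1.3.5.17, which a plain string comparison would get wrong.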