PT-2011-2020 · Red Hat · 389 Directory Server

Published: 2011-02-23 · Updated: 2011-03-31 · CVE-2011-0022

CVSS v2.0: 4.7 (Medium)

Vector: AV:L/AC:M/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions

389 Directory Server versions 1.2.x

Description

The issue allows local users to cause a denial of service, potentially leading to daemon outage or arbitrary process termination, by replacing PID files in the /var/run/dirsrv directory. This is due to the setup scripts using 0777 permissions for the /var/run/dirsrv directory when multiple unprivileged instances are configured.

Recommendations

For 389 Directory Server versions 1.2.x, consider changing the permissions of the /var/run/dirsrv directory to prevent local users from replacing PID files and causing a denial of service. As a temporary workaround, restrict access to the /var/run/dirsrv directory to minimize the risk of exploitation.
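As an added illustration of the recommended check (example code written for this page, not from the advisory or the 389 Directory Server project), the following POSIX shell functions audit a PID-file directory for the weak permission class the description names (world-writable without the sticky bit, such as 0777) and remove world write from it. The directory path is a parameter, the demo runs against a constructed temporary directory rather than the real /var/run/dirsrv, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not from the advisory or the 389 Directory Server project.
# Audits a PID-file directory for the CVE-2011-0022 condition (world-writable
# without the sticky bit) and hardens it by dropping world write.

# pidfile_dir_mode_ok DIR
#   returns 0 if DIR is not world-writable, or is world-writable with the
#   sticky bit set (other users then cannot unlink or rename files they do
#   not own, so PID files cannot be replaced); returns 1 if DIR is
#   world-writable without the sticky bit; returns 2 if DIR is missing.
pidfile_dir_mode_ok() {
    dir="$1"
    [ -d "$dir" ] || return 2
    # Portable permission string, e.g. "drwxrwxrwt"; cut away any
    # trailing SELinux/ACL marker so only the ten mode characters remain.
    perms=$(ls -ld "$dir" | cut -c1-10)
    other_w=$(printf '%s' "$perms" | cut -c9)    # "other" write bit
    other_x=$(printf '%s' "$perms" | cut -c10)   # "other" exec/sticky slot
    if [ "$other_w" != "w" ]; then
        return 0                                 # not world-writable
    fi
    case "$other_x" in
        t|T) return 0 ;;                         # world-writable but sticky
        *)   return 1 ;;                         # the weak 0777-style mode
    esac
}

# harden_pidfile_dir DIR
#   removes world write so unprivileged local users can no longer replace
#   PID files. Owner and group are left unchanged; on a real server the
#   directory should belong to the account the daemon instances run as.
harden_pidfile_dir() {
    chmod o-w "$1"
}

# demo_pidfile_dir_audit
#   reproduces the weak mode on a constructed temporary directory (a stand-in
#   for /var/run/dirsrv), audits it, hardens it and audits again.
#   Prints "before=weak after=ok".
demo_pidfile_dir_audit() {
    d=$(mktemp -d) || return 2
    chmod 0777 "$d"                              # the mode the setup scripts used
    if pidfile_dir_mode_ok "$d"; then before=ok; else before=weak; fi
    harden_pidfile_dir "$d"
    if pidfile_dir_mode_ok "$d"; then after=ok; else after=weak; fi
    rmdir "$d"
    echo "before=$before after=$after"
}

demo_pidfile_dir_audit
```

To audit the real directory on an affected host, call `pidfile_dir_mode_ok /var/run/dirsrv` and act on a non-zero status; the check deliberately accepts a sticky-bit directory, since with the sticky bit set a local user cannot remove or rename another user's PID file even though the directory remains writable.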

Fix


Weakness Enumeration

Related Identifiers

CVE-2011-0022
RHSA-2011:0293

Affected Products

389 Directory Server