CVE-2011-1067 Information

Description

slapd (aka ns-slapd) in 389 Directory Server before 1.2.8.a2 does not properly manage the c_timelimit field of the connection table element which allows remote attackers to cause a denial of service (daemon outage) via Simple Paged Results connections as demonstrated by using multiple processes to replay TCP sessions a different vulnerability than CVE-2011-0019.

Reference

http://directory.fedoraproject.org/wiki/Release_Notes http://secunia.com/advisories/43566 https://bugzilla.redhat.com/show_bug.cgi?id=668619 https://exchange.xforce.ibmcloud.com/vulnerabilities/65769