[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Crashing the server via GSS/SASL (ITS#2627)



> -----Original Message-----
> From: owner-openldap-bugs@OpenLDAP.org
> [mailto:owner-openldap-bugs@OpenLDAP.org]On Behalf Of mfox@cpsc.ucalgary.ca

> Full_Name: Mark A. Fox
> Version: 2.0.23
> OS: Linux
> URL: ftp://ftp.openldap.org/incoming/
> Submission from: (NULL) (136.159.7.184)

> Authentication using GSS/SASL in which the distinguished name
> has some extra
> information attached (ie. /C=CA/O=Blah/CN=John D. Doe,
> Email=johndoe@doe.org)
> causes slapd to crash.
>
> I'm not sure that it's the ',' the '=', or even the '@', but
> a certificate with
> the above DN definitely causes slapd to crash.
>
> This is potentially a large vulnerability as it would be easy
> to use it for a DOS attack.

That doesn't look like a GSSAPI DN. Perhaps it is an X.509 DN.

2.0.23 is no longer supported. Please try something that is, like 2.1.22.

I'm fairly sure that this bug in X.509 DN handling was fixed in release
2.1.2, late April 2002, quite a long time ago.

  -- Howard Chu
  Chief Architect, Symas Corp.       Director, Highland Sun
  http://www.symas.com               http://highlandsun.com/hyc
  Symas: Premier OpenSource Development and Support