The slapi-nis plug-in before 0.54.2 does not properly reallocate memory when processing user accounts, which allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a request for a (1) group with a large number of members or (2) user that belongs to a large number of groups.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Slapi-nis | Redhat | * | 0.54.1 (including) |