[] NeoSense
E X P L O I T S
title author type platform port cve id

RedHat 8/9 - Directory Server Crafted Search Pattern Denial of Service

Author: Ulf Weltman
type: dos
platform: linux
port: 
date_added: 2008-08-27 
date_updated: 2014-03-17 
verified: 1 
codes: CVE-2008-2930;OSVDB-48173 
tags: 
aliases:  
screenshot_url:  
application_url: 
source: https://www.securityfocus.com/bid/30871/info

Red Hat Directory Server is prone to a denial-of-service vulnerability because the server fails to handle specially crafted search patterns.

An attacker can exploit this issue to consume CPU resources with one search request, effectively blocking additional search requests from executing. Legitimate users may be prevented from authenticating to network resources that use the affected server for authentication.

Red Hat Directory Server 7.1 and 8 are affected.

The following example regular expressions are available:

2.6/AV:N/AC:H/Au:N/C:N/I:N/A:P
4.0/AV:N/AC:L/Au:S/C:N/I:N/A:P
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.