Red.Hat.389.Directory.Server.TLS.DoS
Description
This indicates an attack attempt to exploit a Denial of Service Vulnerability in Red Hat 389 Directory Server.
A remote attacker can exploit this vulnerability by opening a large number of TLS connections, and leaving them open for extended periods of time without sending enough data to constitute an LDAP message. Successful exploitation will cause the target application to use up its entire worker thread pool in the service of such requests, causing other connections to fail, leading to a denial of service condition.
Affected Products
Red Hat 389 Directory Server 1.4.1.2 and prior
Impact
Denial of Service: Remote attackers can crash vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://access.redhat.com/security/cve/cve-2019-3883
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |