Red Hat Security Advisory: 389-ds-base security update
389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration. Security Fix(es): * 389-ds-base: potential denial of service via specially crafted kerberos AS-REQ request (CVE-2024-3657) * 389-ds-base: Malformed userPassword may cause crash at do_modify in slapd/modify.c (CVE-2024-2199) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
AI Analysis
Technical Summary
The 389 Directory Server, an LDAPv3 compliant server included in Red Hat Enterprise Linux 7, is affected by two vulnerabilities. CVE-2024-3657 allows a potential denial of service via a specially crafted Kerberos AS-REQ request. CVE-2024-2199 can cause a crash in the server when processing a malformed userPassword during modification operations in slapd/modify.c. Red Hat has issued an important security advisory (RHSA-2024:3591) providing updated 389-ds-base packages that fix these vulnerabilities. The update applies to multiple Red Hat Enterprise Linux 7 variants and requires a service restart upon installation.
Potential Impact
Successful exploitation of CVE-2024-3657 could result in denial of service conditions on the 389 Directory Server by processing malicious Kerberos AS-REQ requests. CVE-2024-2199 may cause the server to crash when handling malformed userPassword data, potentially disrupting directory services. Both vulnerabilities impact the availability and stability of the LDAP service but do not indicate privilege escalation or data disclosure based on the provided information.
Mitigation Recommendations
Red Hat has released updated 389-ds-base packages for Red Hat Enterprise Linux 7 that address these vulnerabilities. Users should apply the security update as described in Red Hat advisory RHSA-2024:3591, available at https://access.redhat.com/articles/11258. The update will automatically restart the 389 Directory Server service. Applying this official fix mitigates the risk posed by these vulnerabilities.
Red Hat Security Advisory: 389-ds-base security update
Description
389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration. Security Fix(es): * 389-ds-base: potential denial of service via specially crafted kerberos AS-REQ request (CVE-2024-3657) * 389-ds-base: Malformed userPassword may cause crash at do_modify in slapd/modify.c (CVE-2024-2199) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected software
Run on your own infrastructure? Check whether these packages are installed with threat-finder — our free open-source scanner.
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The 389 Directory Server, an LDAPv3 compliant server included in Red Hat Enterprise Linux 7, is affected by two vulnerabilities. CVE-2024-3657 allows a potential denial of service via a specially crafted Kerberos AS-REQ request. CVE-2024-2199 can cause a crash in the server when processing a malformed userPassword during modification operations in slapd/modify.c. Red Hat has issued an important security advisory (RHSA-2024:3591) providing updated 389-ds-base packages that fix these vulnerabilities. The update applies to multiple Red Hat Enterprise Linux 7 variants and requires a service restart upon installation.
Potential Impact
Successful exploitation of CVE-2024-3657 could result in denial of service conditions on the 389 Directory Server by processing malicious Kerberos AS-REQ requests. CVE-2024-2199 may cause the server to crash when handling malformed userPassword data, potentially disrupting directory services. Both vulnerabilities impact the availability and stability of the LDAP service but do not indicate privilege escalation or data disclosure based on the provided information.
Mitigation Recommendations
Red Hat has released updated 389-ds-base packages for Red Hat Enterprise Linux 7 that address these vulnerabilities. Users should apply the security update as described in Red Hat advisory RHSA-2024:3591, available at https://access.redhat.com/articles/11258. The update will automatically restart the 389 Directory Server service. Applying this official fix mitigates the risk posed by these vulnerabilities.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2024:3591
- Cve Count
- 2
- Additional Cves
- ["CVE-2024-3657"]
- Cvss Version
- null
Threat ID: 6a3da1f54853345fc18342f1
Added to database: 06/25/2026, 21:47:33 UTC
Last enriched: 06/25/2026, 22:49:01 UTC
Last updated: 06/27/2026, 12:51:10 UTC
Views: 2
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.