Red Hat Security Advisory: 389-ds-base security update
389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration. Security Fix(es): * 389-ds-base: a heap overflow leading to denail-of-servce while writing a value larger than 256 chars (in log_entry_attr) (CVE-2024-1062) * 389-ds-base: Malformed userPassword may cause crash at do_modify in slapd/modify.c (CVE-2024-2199) * 389-ds-base: potential denial of service via specially crafted kerberos AS-REQ request (CVE-2024-3657) * 389-ds-base: Malformed userPassword hash may cause Denial of Service (CVE-2024-5953) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer the CVE page(s) listed in the References section.
AI Analysis
Technical Summary
The 389 Directory Server (389-ds-base) contains several vulnerabilities: CVE-2024-1062 is a heap overflow leading to denial of service when writing a value larger than 256 characters in log_entry_attr; CVE-2024-2199 and CVE-2024-5953 involve malformed userPassword or userPassword hash inputs causing crashes or denial of service; CVE-2024-3657 allows potential denial of service via specially crafted Kerberos AS-REQ requests. These vulnerabilities affect Red Hat Enterprise Linux 9.2 Extended Update Support across multiple architectures. Red Hat has issued a security advisory (RHSA-2024:4633) with patches to fix these issues, which restart the 389 server service automatically after update.
Potential Impact
Successful exploitation of these vulnerabilities can cause denial of service conditions by crashing the 389 Directory Server or causing heap overflows. This disrupts LDAP services, potentially impacting authentication and directory operations. No known exploits in the wild have been reported at this time.
Mitigation Recommendations
Red Hat has released an official security update for 389-ds-base in Red Hat Enterprise Linux 9.2 Extended Update Support that addresses these vulnerabilities. Applying this update will remediate the issues and automatically restart the 389 server service. Administrators should follow Red Hat's update instructions at https://access.redhat.com/articles/11258 to apply the patch promptly.
Red Hat Security Advisory: 389-ds-base security update
Description
389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration. Security Fix(es): * 389-ds-base: a heap overflow leading to denail-of-servce while writing a value larger than 256 chars (in log_entry_attr) (CVE-2024-1062) * 389-ds-base: Malformed userPassword may cause crash at do_modify in slapd/modify.c (CVE-2024-2199) * 389-ds-base: potential denial of service via specially crafted kerberos AS-REQ request (CVE-2024-3657) * 389-ds-base: Malformed userPassword hash may cause Denial of Service (CVE-2024-5953) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer the CVE page(s) listed in the References section.
Affected software
Run on your own infrastructure? Check whether these packages are installed with threat-finder — our free open-source scanner.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The 389 Directory Server (389-ds-base) contains several vulnerabilities: CVE-2024-1062 is a heap overflow leading to denial of service when writing a value larger than 256 characters in log_entry_attr; CVE-2024-2199 and CVE-2024-5953 involve malformed userPassword or userPassword hash inputs causing crashes or denial of service; CVE-2024-3657 allows potential denial of service via specially crafted Kerberos AS-REQ requests. These vulnerabilities affect Red Hat Enterprise Linux 9.2 Extended Update Support across multiple architectures. Red Hat has issued a security advisory (RHSA-2024:4633) with patches to fix these issues, which restart the 389 server service automatically after update.
Potential Impact
Successful exploitation of these vulnerabilities can cause denial of service conditions by crashing the 389 Directory Server or causing heap overflows. This disrupts LDAP services, potentially impacting authentication and directory operations. No known exploits in the wild have been reported at this time.
Mitigation Recommendations
Red Hat has released an official security update for 389-ds-base in Red Hat Enterprise Linux 9.2 Extended Update Support that addresses these vulnerabilities. Applying this update will remediate the issues and automatically restart the 389 server service. Administrators should follow Red Hat's update instructions at https://access.redhat.com/articles/11258 to apply the patch promptly.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2024:4633
- Cve Count
- 4
- Additional Cves
- ["CVE-2024-2199","CVE-2024-3657","CVE-2024-5953"]
- Cvss Version
- null
Threat ID: 6a3e805ccef61ccff9700caf
Added to database: 06/26/2026, 13:36:28 UTC
Last enriched: 06/26/2026, 13:41:09 UTC
Last updated: 06/27/2026, 10:51:10 UTC
Views: 2
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.