CVE-2015-0283 – slapi-nis: infinite loop in getgrnam_r() and getgrgid_r()

https://notcve.org/view.php?id=CVE-2015-0283

The slapi-nis plug-in before 0.54.2 does not properly reallocate memory when processing user accounts, which allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a request for a (1) group with a large number of members or (2) user that belongs to a large number of groups. El plugin slapi-nis anterior a 0.54.2 no reasigna correctamente la memoria cuando procesa las cuentas de usuarios, lo que permite a atacantes remotos causar una denegación de servicio (bucle infinito y consumo de CPU) a través de una solicitud para (1) un grupo con un número grande de miembros o (2) un usuario que pertenece a un número grande de grupos. It was discovered that the slapi-nis Directory Server plug-in did not correctly perform memory reallocation when handling user account information. A request for information about a group with many members, or a request for a user that belongs to a large number of groups, would cause a Directory Server to enter an infinite loop and consume an excessive amount of CPU time. • http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154314.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/154103.html http://rhn.redhat.com/errata/RHSA-2015-0728.html http://www.securityfocus.com/bid/73377 https://bugzilla.redhat.com/show_bug.cgi?id=1195729 https://git.fedorahosted.org/cgit/slapi-nis.git/commit/?id=6573f91c95f7a353ad3bdf2fe95b0c15932aa097 https://access.redhat.com/security/cve/CVE-2015-0283 • CWE-399: Resource Management Errors CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •