Ticket #17 (closed defect: fixed)

Opened 8 years ago

Last modified 7 years ago

LDAP backend doesn't escape filters in all functions

Reported by: jan@…
Owned by: somebody
Priority: high
Milestone: milestone1
Component: component1
Version: 2.0
Severity: major
Keywords:
Cc:

Description

In the "inline bool LdapBackend::list_simple( const string& target, int domain_id )" function in "modules/ldapbackend/ldabpackend.cc", the target isn't escaped when passing it as a filter. This causes the LDAP backend to disconnect from the LDAP server whenever a request for a name with a * or a \ is done. When receiving many of these requests, this results in a DoS because LDAP backends are shut down faster than PowerDNS can start new ones.
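The escaping that the description says is missing, as an added example that is not part of the ticket and not the PowerDNS fix: every value placed in an LDAP search filter is escaped per RFC 4515 before the filter string is built. The function names, the attribute name `associatedDomain` and the sample names are assumptions made for illustration.

```cpp
#include <iostream>
#include <string>

// Escape a value for use inside an LDAP search filter (RFC 4515, section 3).
// '*', '(', ')', '\' and NUL are replaced by a backslash and two hex digits,
// so the server treats them as literal bytes and not as filter syntax.
// Hypothetical helper, not a PowerDNS function.
std::string escape_filter_value(const std::string& value)
{
    static const char hex[] = "0123456789abcdef";
    std::string out;
    out.reserve(value.size());
    for (unsigned char c : value) {
        switch (c) {
        case '*': case '(': case ')': case '\\': case '\0':
            out += '\\';
            out += hex[c >> 4];
            out += hex[c & 0x0f];
            break;
        default:
            out += static_cast<char>(c);
        }
    }
    return out;
}

// Build "(attr=value)" with the value escaped. The attribute name is taken
// as trusted configuration; only the queried name comes from the network.
std::string build_equality_filter(const std::string& attr, const std::string& target)
{
    return "(" + attr + "=" + escape_filter_value(target) + ")";
}

int main()
{
    // Constructed sample query names, including the two characters the ticket names.
    const std::string names[] = {
        "www.example.org", "*.example.org", "a\\b.example.org", "host(1).example.org"
    };
    for (const auto& n : names)
        std::cout << n << " -> " << build_equality_filter("associatedDomain", n) << "\n";
    return 0;
}
```

Applying the escape in one shared helper that every lookup path calls avoids the situation in the title, where some functions escape and others do not.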

Change History

Changed 8 years ago by ahu

  • status changed from new to closed
  • resolution set to fixed

Thanks - fixed in 2.9.18

Changed 7 years ago by kkkkoaaa

  • version set to 2.0
  • milestone set to milestone1

