A flaw was found in the 389-ds-base server. A heap buffer overflow vulnerability exists in the "schema_attr_enum_callback" function within the "schema.c" file. This occurs because the code incorrectly calculates the buffer size by summing alias string lengths without accounting for additional formatting characters. When a large number of aliases are processed, this oversight can lead to a heap overflow, potentially allowing a remote attacker to cause a Denial of Service (DoS) or achieve Remote Code Execution (RCE).