[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

ELSA-2013-0503 -- Oracle 389-ds-base

ID: oval:org.secpod.oval:def:1500062Date: (C)2013-03-20   (M)2022-10-10
Class: PATCHFamily: unix




Updated 389-ds-base packages that fix one security issue, numerous bugs,and add various enhancements are now available for Red Hat EnterpriseLinux 6.The Red Hat Security Response Team has rated this update as having moderatesecurity impact. A Common Vulnerability Scoring System base score,which gives a detailed severity rating, is available from the CVE link inthe References section. The 389-ds-base packages provide 389 Directory Server, which is an LDAPv3compliant server. The base packages include the Lightweight DirectoryAccess Protocol server and command-line utilities for serveradministration.A flaw was found in the way 389 Directory Server enforced ACLs afterperforming an LDAP modify relative distinguished name operation.After modrdn was used to move part of a tree, the ACLs defined on the moved were not properly enforced until the server wasrestarted. This could allow LDAP users to access information that should berestricted by the defined ACLs. This issue was discovered by Noriko Hosoi of Red Hat.These updated 389-ds-base packages include numerous bug fixes andenhancements. Space precludes documenting all of these changes in thisadvisory. Users are directed to the Red Hat Enterprise Linux 6.4Technical Notes, linked to in the References, for information on the mostsignificant of these changes.All users of 389-ds-base are advised to upgrade to these updated packages,which correct this issue and provide numerous bug fixes and enhancements.After installing this update, the 389 server service will be restartedautomatically.

Platform:
Oracle Linux 6
Product:
389-ds-base
Reference:
ELSA-2013-0503
CVE-2012-4450
CVE    1
CVE-2012-4450
CPE    3
cpe:/a:fedoraproject:389_directory_server:1.2.10
cpe:/a:fedoraproject:389_directory_server
cpe:/o:oracle:linux:6

© SecPod Technologies