[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

RHSA-2017:0893-01 -- Redhat 389-ds-base

ID: oval:org.secpod.oval:def:502016Date: (C)2017-04-14   (M)2023-12-20
Class: PATCHFamily: unix




389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Security Fix: * An invalid pointer dereference flaw was found in the way 389-ds-base handled LDAP bind requests. A remote unauthenticated attacker could use this flaw to make ns-slapd crash via a specially crafted LDAP bind request, resulting in denial of service. Red Hat would like to thank Joachim Jabs for reporting this issue. Bug Fix: * Previously, the deref plug-in failed to dereference attributes that use distinguished name syntax, such as uniqueMember. With this patch, the deref plug-in can dereference such attributes and additionally Name and Optional UID syntax. As a result, the deref plug-in now supports any syntax

Platform:
Red Hat Enterprise Linux 6
Product:
389-ds-base
Reference:
RHSA-2017:0893-01
CVE-2017-2668
CVE    1
CVE-2017-2668
CPE    2
cpe:/o:redhat:enterprise_linux:6
cpe:/a:fedoraproject:389_directory_server

© SecPod Technologies