RHSA-2018:0515-01 -- Redhat 389-ds-baseID: oval:org.secpod.oval:def:502249 | Date: (C)2018-03-16 (M)2023-12-20 |
Class: PATCH | Family: unix |
389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Security Fix: * 389-ds-base: remote Denial of Service via search filters in SetUnicodeStringFromUTF_8 in collate.c * 389-ds-base: Authentication bypass due to lack of size check in slapi_ct_memcmp function in ch_malloc.c For more details about the security issue, including the impact, a CVSS score, and other related information, refer to the CVE page listed in the References section. The CVE-2017-15135 issue was discovered by Martin Poole .
Platform: |
Red Hat Enterprise Linux 6 |