[Forgot Password]
Login  Register Subscribe

24128

 
 

131573

 
 

111017

 
 

909

 
 

86402

 
 

136

Paid content will be excluded from the download.


Download | Alert*
OVAL

ALAS-2017-905 ---- 389-ds-base

ID: oval:org.secpod.oval:def:1600777Date: (C)2017-10-04   (M)2018-05-06
Class: PATCHFamily: unix




Password brute-force possible for locked account due to different return codes:A flaw was found in the way 389-ds-base handled authentication attempts against locked accounts. A remote attacker could potentially use this flaw to continue password brute-forcing attacks against LDAP accounts, thereby bypassing the protection offered by the directory server's password lockout policy

Platform:
Amazon Linux AMI
Product:
389-ds-base
Reference:
ALAS-2017-905
CVE-2017-7551
CVE    1
CVE-2017-7551
CPE    2
cpe:/a:fedoraproject:389_directory_server
cpe:/o:amazon:linux

© SecPod Technologies