[Forgot Password]
Login  Register Subscribe

23631

 
 

122726

 
 

98503

 
 

909

 
 

79321

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

ALAS-2017-905 ---- 389-ds-base

ID: oval:org.secpod.oval:def:1600777Date: (C)2017-10-04   (M)2017-11-16
Class: PATCHFamily: unix




Password brute-force possible for locked account due to different return codes:A flaw was found in the way 389-ds-base handled authentication attempts against locked accounts. A remote attacker could potentially use this flaw to continue password brute-forcing attacks against LDAP accounts, thereby bypassing the protection offered by the directory server's password lockout policy

Platform:
Amazon Linux AMI
Product:
389-ds-base
Reference:
ALAS-2017-905
CVE-2017-7551
CVE    1
CVE-2017-7551
CPE    2
cpe:/a:fedoraproject:389_directory_server
cpe:/o:amazon:linux

© 2013 SecPod Technologies