RHSA-2013:1752-01 -- Redhat 389-ds-baseID: oval:org.secpod.oval:def:501142 | Date: (C)2013-11-26 (M)2023-07-28 |
Class: PATCH | Family: unix |
The 389 Directory Server is an LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. It was discovered that the 389 Directory Server did not properly handle certain Get Effective Rights search queries when the attribute list, which is a part of the query, included several names using the "@" character. An attacker able to submit search queries to the 389 Directory Server could cause it to crash. All 389-ds-base users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, the 389 server service will be restarted automatically.
Platform: |
Red Hat Enterprise Linux 6 |