[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

ALAS-2018-1036 --- 389-ds-base

ID: oval:org.secpod.oval:def:1600895Date: (C)2018-06-12   (M)2021-06-02
Class: PATCHFamily: unix




It was found that 389-ds-base did not properly handle long search filters with characters needing escapes, possibly leading to buffer overflows. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service.

Platform:
Amazon Linux AMI
Product:
389-ds-base
Reference:
ALAS-2018-1036
CVE-2018-1089
CVE    1
CVE-2018-1089
CPE    2
cpe:/o:amazon:linux
cpe:/a:fedoraproject:389_directory_server

© SecPod Technologies