{"cve": [{"lastseen": "2020-12-09T19:52:36", "description": "389 Directory Server before 1.3.0.4 allows remote attackers to cause a denial of service (crash) via a zero length LDAP control sequence.", "edition": 5, "cvss3": {}, "published": "2013-03-13T20:55:00", "title": "CVE-2013-0312", "type": "cve", "cwe": ["CWE-189"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0312"], "modified": "2013-03-19T04:00:00", "cpe": ["cpe:/a:fedoraproject:389_directory_server:1.3.0.3"], "id": "CVE-2013-0312", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0312", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:fedoraproject:389_directory_server:1.3.0.3:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T12:45:58", "description": "The do_search function in ldap/servers/slapd/search.c in 389 Directory Server 1.2.x before 1.2.11.20 and 1.3.x before 1.3.0.5 does not properly restrict access to entries when the nsslapd-allow-anonymous-access configuration is set to rootdse and the BASE search scope is used, which allows remote attackers to obtain sensitive information outside of the rootDSE via a crafted LDAP search.", "edition": 3, "cvss3": {}, "published": "2013-05-13T23:55:00", "title": "CVE-2013-1897", "type": "cve", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-1897"], "modified": "2013-05-14T04:00:00", "cpe": ["cpe:/a:fedoraproject:389_directory_server:1.2.11.17", "cpe:/a:fedoraproject:389_directory_server:1.2.7.5", "cpe:/a:fedoraproject:389_directory_server:1.2.10.11", "cpe:/a:fedoraproject:389_directory_server:1.2.11.6", "cpe:/a:fedoraproject:389_directory_server:1.2.2", "cpe:/a:fedoraproject:389_directory_server:1.2.11.5", "cpe:/a:fedoraproject:389_directory_server:1.2.11.13", "cpe:/a:fedoraproject:389_directory_server:1.2.8.1", "cpe:/a:fedoraproject:389_directory_server:1.2.11.8", "cpe:/a:fedoraproject:389_directory_server:1.2.8.3", "cpe:/a:fedoraproject:389_directory_server:1.2.5", "cpe:/a:fedoraproject:389_directory_server:1.2.10.3", "cpe:/a:fedoraproject:389_directory_server:1.2.6.1", "cpe:/a:fedoraproject:389_directory_server:1.2.11.10", "cpe:/a:fedoraproject:389_directory_server:1.2.8.2", "cpe:/a:fedoraproject:389_directory_server:1.2.11.11", "cpe:/a:fedoraproject:389_directory_server:1.2.11.15", "cpe:/a:fedoraproject:389_directory_server:1.2.11.14", "cpe:/a:fedoraproject:389_directory_server:1.2.7", "cpe:/a:fedoraproject:389_directory_server:1.2.8", "cpe:/a:fedoraproject:389_directory_server:1.2.10", "cpe:/a:fedoraproject:389_directory_server:1.3.0.4", "cpe:/a:fedoraproject:389_directory_server:1.2.11.19", "cpe:/a:fedoraproject:389_directory_server:1.2.1", "cpe:/a:fedoraproject:389_directory_server:1.2.11.9", "cpe:/a:fedoraproject:389_directory_server:1.2.11.1", "cpe:/a:fedoraproject:389_directory_server:1.3.0.3", "cpe:/a:fedoraproject:389_directory_server:1.3.0.2", "cpe:/a:fedoraproject:389_directory_server:1.2.6", "cpe:/a:fedoraproject:389_directory_server:1.2.3", "cpe:/a:fedoraproject:389_directory_server:1.2.9.9", "cpe:/a:fedoraproject:389_directory_server:1.2.10.4", "cpe:/a:fedoraproject:389_directory_server:1.2.11.12", "cpe:/a:fedoraproject:389_directory_server:1.2.10.2"], "id": "CVE-2013-1897", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1897", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:fedoraproject:389_directory_server:1.3.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:rc4:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.14:*:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.6:*:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.2.8.2:*:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.2.10:alpha8:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.3.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:a2:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.2.7:alpha3:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.2.7.5:*:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.15:*:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.2.9.9:*:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.11:*:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.2.10.4:*:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:rc1:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.2.10.2:*:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.10:*:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:rc3:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:rc3:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.9:*:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:a4:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.2.8:alpha1:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.3.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.2.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.2.8:alpha3:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.2.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:a3:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:rc2:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.1:*:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.2.10:rc1:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:rc1:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:rc2:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.17:*:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.2.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.12:*:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.2.8:rc1:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:rc7:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.2.10.3:*:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.2.10:*:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:rc6:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.2.8:rc2:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.8:*:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.2.8:alpha2:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.5:*:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.19:*:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.13:*:*:*:*:*:*:*", "cpe:2.3:a:fedoraproject:389_directory_server:1.2.10.11:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2018-01-18T11:09:30", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0312", "CVE-2013-1897"], "description": "Check for the Version of 389-ds-base", "modified": "2018-01-18T00:00:00", "published": "2013-04-05T00:00:00", "id": "OPENVAS:865524", "href": "http://plugins.openvas.org/nasl.php?oid=865524", "type": "openvas", "title": "Fedora Update for 389-ds-base FEDORA-2013-4578", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for 389-ds-base FEDORA-2013-4578\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"389-ds-base on Fedora 18\";\ntag_insight = \"389 Directory Server is an LDAPv3 compliant server. The base package includes\n the LDAP server and command line utilities for server administration.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(865524);\n script_version(\"$Revision: 8456 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-18 07:58:40 +0100 (Thu, 18 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-04-05 13:44:48 +0530 (Fri, 05 Apr 2013)\");\n script_cve_id(\"CVE-2013-0312\", \"CVE-2013-1897\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Fedora Update for 389-ds-base FEDORA-2013-4578\");\n\n script_xref(name: \"FEDORA\", value: \"2013-4578\");\n script_xref(name: \"URL\" , value: \"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101323.html\");\n script_tag(name: \"summary\" , value: \"Check for the Version of 389-ds-base\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"389-ds-base\", rpm:\"389-ds-base~1.3.0.5~1.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:26", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0312", "CVE-2013-1897"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2013-04-05T00:00:00", "id": "OPENVAS:1361412562310865524", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310865524", "type": "openvas", "title": "Fedora Update for 389-ds-base FEDORA-2013-4578", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for 389-ds-base FEDORA-2013-4578\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.865524\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-04-05 13:44:48 +0530 (Fri, 05 Apr 2013)\");\n script_cve_id(\"CVE-2013-0312\", \"CVE-2013-1897\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Fedora Update for 389-ds-base FEDORA-2013-4578\");\n script_xref(name:\"FEDORA\", value:\"2013-4578\");\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101323.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the '389-ds-base'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC18\");\n script_tag(name:\"affected\", value:\"389-ds-base on Fedora 18\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"389-ds-base\", rpm:\"389-ds-base~1.3.0.5~1.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:38:03", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0312", "CVE-2013-1897"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2013-06-18T00:00:00", "id": "OPENVAS:1361412562310865949", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310865949", "type": "openvas", "title": "Fedora Update for 389-ds-base FEDORA-2013-5349", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for 389-ds-base FEDORA-2013-5349\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.865949\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-06-18 10:35:25 +0530 (Tue, 18 Jun 2013)\");\n script_cve_id(\"CVE-2013-0312\", \"CVE-2013-1897\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Fedora Update for 389-ds-base FEDORA-2013-5349\");\n script_xref(name:\"FEDORA\", value:\"2013-5349\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2013-June/108783.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the '389-ds-base'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"389-ds-base on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"389-ds-base\", rpm:\"389-ds-base~1.2.11.21~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2018-02-06T13:10:47", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0312", "CVE-2013-1897"], "description": "Check for the Version of 389-ds-base", "modified": "2018-02-05T00:00:00", "published": "2013-06-18T00:00:00", "id": "OPENVAS:865949", "href": "http://plugins.openvas.org/nasl.php?oid=865949", "type": "openvas", "title": "Fedora Update for 389-ds-base FEDORA-2013-5349", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for 389-ds-base FEDORA-2013-5349\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"389-ds-base on Fedora 17\";\ntag_insight = \"389 Directory Server is an LDAPv3 compliant server. The base package includes\n the LDAP server and command line utilities for server administration.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(865949);\n script_version(\"$Revision: 8672 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-02-05 17:39:18 +0100 (Mon, 05 Feb 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-06-18 10:35:25 +0530 (Tue, 18 Jun 2013)\");\n script_cve_id(\"CVE-2013-0312\", \"CVE-2013-1897\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Fedora Update for 389-ds-base FEDORA-2013-5349\");\n\n script_xref(name: \"FEDORA\", value: \"2013-5349\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2013-June/108783.html\");\n script_tag(name: \"summary\" , value: \"Check for the Version of 389-ds-base\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"389-ds-base\", rpm:\"389-ds-base~1.2.11.21~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-26T11:10:17", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0312"], "description": "Check for the Version of 389-ds-base", "modified": "2018-01-26T00:00:00", "published": "2013-03-12T00:00:00", "id": "OPENVAS:870960", "href": "http://plugins.openvas.org/nasl.php?oid=870960", "type": "openvas", "title": "RedHat Update for 389-ds-base RHSA-2013:0628-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for 389-ds-base RHSA-2013:0628-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The 389 Directory Server is an LDAPv3 compliant server. The base packages\n include the Lightweight Directory Access Protocol (LDAP) server and\n command-line utilities for server administration.\n\n A flaw was found in the way LDAPv3 control data was handled by 389\n Directory Server. If a malicious user were able to bind to the directory\n (even anonymously) and send an LDAP request containing crafted LDAPv3\n control data, they could cause the server to crash, denying service to the\n directory. (CVE-2013-0312)\n\n The CVE-2013-0312 issue was discovered by Thierry Bordaz of Red Hat.\n\n This update also fixes the following bugs:\n\n * After an upgrade from Red Hat Enterprise Linux 6.3 to version 6.4, the\n upgrade script did not update the schema file for the PamConfig object\n class. Consequently, new features for PAM such as configuration of multiple\n instances and pamFilter attribute could not be used because of the schema\n violation. With this update, the upgrade script updates the schema file for\n the PamConfig object class and new features function properly. (BZ#910994)\n\n * Previously, the valgrind test suite reported recurring memory leaks in\n the modify_update_last_modified_attr() function. The size of the leaks\n averaged between 60-80 bytes per modify call. In environments where modify\n operations were frequent, this caused significant problems. Now, memory\n leaks no longer occur in the modify_update_last_modified_attr() function.\n (BZ#910995)\n\n * The Directory Server (DS) failed when multi-valued attributes were\n replaced. The problem occurred when replication was enabled, while the\n server executing the modification was configured as a single master and\n there was at least one replication agreement. Consequently, the\n modification requests were refused by the master server, which returned a\n code 20 Type or value exists error message. These requests were\n replacements of multi-valued attributes, and the error only occurred when\n one of the new values matched one of the current values of the attribute,\n but had a different letter case. Now, modification requests function\n properly and no longer return code 20 errors. (BZ#910996)\n\n * The DNA (distributed numeric assignment) plug-in, under certain\n conditions, could log error messages with the DB_LOCK_DEADLOCK error\n code when attempting to create an entry with a uidNumber attribute. Now,\n DNA handles this case properly and errors no longer occur during attempts\n to create entries with uidNumber a ...\n\n Description truncated, for more information please check the Reference URL\";\n\n\ntag_affected = \"389-ds-base on Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2013-March/msg00034.html\");\n script_id(870960);\n script_version(\"$Revision: 8542 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-26 07:57:28 +0100 (Fri, 26 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-12 09:54:32 +0530 (Tue, 12 Mar 2013)\");\n script_cve_id(\"CVE-2013-0312\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"RHSA\", value: \"2013:0628-01\");\n script_name(\"RedHat Update for 389-ds-base RHSA-2013:0628-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of 389-ds-base\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"389-ds-base\", rpm:\"389-ds-base~1.2.11.15~12.el6_4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"389-ds-base-debuginfo\", rpm:\"389-ds-base-debuginfo~1.2.11.15~12.el6_4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"389-ds-base-libs\", rpm:\"389-ds-base-libs~1.2.11.15~12.el6_4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-24T11:09:33", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0312"], "description": "Check for the Version of 389-ds-base", "modified": "2018-01-24T00:00:00", "published": "2013-03-15T00:00:00", "id": "OPENVAS:881683", "href": "http://plugins.openvas.org/nasl.php?oid=881683", "type": "openvas", "title": "CentOS Update for 389-ds-base CESA-2013:0628 centos6 ", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for 389-ds-base CESA-2013:0628 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The 389 Directory Server is an LDAPv3 compliant server. The base packages\n include the Lightweight Directory Access Protocol (LDAP) server and\n command-line utilities for server administration.\n\n A flaw was found in the way LDAPv3 control data was handled by 389\n Directory Server. If a malicious user were able to bind to the directory\n (even anonymously) and send an LDAP request containing crafted LDAPv3\n control data, they could cause the server to crash, denying service to the\n directory. (CVE-2013-0312)\n \n The CVE-2013-0312 issue was discovered by Thierry Bordaz of Red Hat.\n \n This update also fixes the following bugs:\n \n * After an upgrade from Red Hat Enterprise Linux 6.3 to version 6.4, the\n upgrade script did not update the schema file for the PamConfig object\n class. Consequently, new features for PAM such as configuration of multiple\n instances and pamFilter attribute could not be used because of the schema\n violation. With this update, the upgrade script updates the schema file for\n the PamConfig object class and new features function properly. (BZ#910994)\n \n * Previously, the valgrind test suite reported recurring memory leaks in\n the modify_update_last_modified_attr() function. The size of the leaks\n averaged between 60-80 bytes per modify call. In environments where modify\n operations were frequent, this caused significant problems. Now, memory\n leaks no longer occur in the modify_update_last_modified_attr() function.\n (BZ#910995)\n \n * The Directory Server (DS) failed when multi-valued attributes were\n replaced. The problem occurred when replication was enabled, while the\n server executing the modification was configured as a single master and\n there was at least one replication agreement. Consequently, the\n modification requests were refused by the master server, which returned a\n code 20 "Type or value exists" error message. These requests were\n replacements of multi-valued attributes, and the error only occurred when\n one of the new values matched one of the current values of the attribute,\n but had a different letter case. Now, modification requests function\n properly and no longer return code 20 errors. (BZ#910996)\n \n * The DNA (distributed numeric assignment) plug-in, under certain\n conditions, could log error messages with the "DB_LOCK_DEADLOCK" error\n code when attempting to create an entry with a uidNumber attribute. Now,\n DNA handles this case properly and errors no longer occur during attempts\n to create entries with uidNumber attributes. (BZ#911467)\n \n * Posix Winsync plugin was calling an internal mo ... \n\n Description truncated, for more information please check the Reference URL\";\n\n\ntag_affected = \"389-ds-base on CentOS 6\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2013-March/019641.html\");\n script_id(881683);\n script_version(\"$Revision: 8509 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-24 07:57:46 +0100 (Wed, 24 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-15 09:51:36 +0530 (Fri, 15 Mar 2013)\");\n script_cve_id(\"CVE-2013-0312\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"CESA\", value: \"2013:0628\");\n script_name(\"CentOS Update for 389-ds-base CESA-2013:0628 centos6 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of 389-ds-base\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"389-ds-base\", rpm:\"389-ds-base~1.2.11.15~12.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"389-ds-base-devel\", rpm:\"389-ds-base-devel~1.2.11.15~12.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"389-ds-base-libs\", rpm:\"389-ds-base-libs~1.2.11.15~12.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:07", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0312"], "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2013-03-12T00:00:00", "id": "OPENVAS:1361412562310870960", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870960", "type": "openvas", "title": "RedHat Update for 389-ds-base RHSA-2013:0628-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for 389-ds-base RHSA-2013:0628-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2013-March/msg00034.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870960\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-12 09:54:32 +0530 (Tue, 12 Mar 2013)\");\n script_cve_id(\"CVE-2013-0312\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"RHSA\", value:\"2013:0628-01\");\n script_name(\"RedHat Update for 389-ds-base RHSA-2013:0628-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the '389-ds-base'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n script_tag(name:\"affected\", value:\"389-ds-base on Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"The 389 Directory Server is an LDAPv3 compliant server. The base packages\n include the Lightweight Directory Access Protocol (LDAP) server and\n command-line utilities for server administration.\n\n A flaw was found in the way LDAPv3 control data was handled by 389\n Directory Server. If a malicious user were able to bind to the directory\n (even anonymously) and send an LDAP request containing crafted LDAPv3\n control data, they could cause the server to crash, denying service to the\n directory. (CVE-2013-0312)\n\n The CVE-2013-0312 issue was discovered by Thierry Bordaz of Red Hat.\n\n This update also fixes the following bugs:\n\n * After an upgrade from Red Hat Enterprise Linux 6.3 to version 6.4, the\n upgrade script did not update the schema file for the PamConfig object\n class. Consequently, new features for PAM such as configuration of multiple\n instances and pamFilter attribute could not be used because of the schema\n violation. With this update, the upgrade script updates the schema file for\n the PamConfig object class and new features function properly. (BZ#910994)\n\n * Previously, the valgrind test suite reported recurring memory leaks in\n the modify_update_last_modified_attr() function. The size of the leaks\n averaged between 60-80 bytes per modify call. In environments where modify\n operations were frequent, this caused significant problems. Now, memory\n leaks no longer occur in the modify_update_last_modified_attr() function.\n (BZ#910995)\n\n * The Directory Server (DS) failed when multi-valued attributes were\n replaced. The problem occurred when replication was enabled, while the\n server executing the modification was configured as a single master and\n there was at least one replication agreement. Consequently, the\n modification requests were refused by the master server, which returned a\n code 20 Type or value exists error message. These requests were\n replacements of multi-valued attributes, and the error only occurred when\n one of the new values matched one of the current values of the attribute,\n but had a different letter case. Now, modification requests function\n properly and no longer return code 20 errors. (BZ#910996)\n\n * The DNA (distributed numeric assignment) plug-in, under certain\n conditions, could log error messages with the DB_LOCK_DEADLOCK error\n code when attempting to create an entry with a uidNumber attribute. Now,\n DNA handles this case properly and errors no longer occur during attempts\n to create entries with uidNumber a ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"389-ds-base\", rpm:\"389-ds-base~1.2.11.15~12.el6_4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"389-ds-base-debuginfo\", rpm:\"389-ds-base-debuginfo~1.2.11.15~12.el6_4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"389-ds-base-libs\", rpm:\"389-ds-base-libs~1.2.11.15~12.el6_4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:38:12", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0312"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2013-03-15T00:00:00", "id": "OPENVAS:1361412562310881683", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881683", "type": "openvas", "title": "CentOS Update for 389-ds-base CESA-2013:0628 centos6", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for 389-ds-base CESA-2013:0628 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2013-March/019641.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881683\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-15 09:51:36 +0530 (Fri, 15 Mar 2013)\");\n script_cve_id(\"CVE-2013-0312\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"CESA\", value:\"2013:0628\");\n script_name(\"CentOS Update for 389-ds-base CESA-2013:0628 centos6\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the '389-ds-base'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n script_tag(name:\"affected\", value:\"389-ds-base on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"The 389 Directory Server is an LDAPv3 compliant server. The base packages\n include the Lightweight Directory Access Protocol (LDAP) server and\n command-line utilities for server administration.\n\n A flaw was found in the way LDAPv3 control data was handled by 389\n Directory Server. If a malicious user were able to bind to the directory\n (even anonymously) and send an LDAP request containing crafted LDAPv3\n control data, they could cause the server to crash, denying service to the\n directory. (CVE-2013-0312)\n\n The CVE-2013-0312 issue was discovered by Thierry Bordaz of Red Hat.\n\n This update also fixes the following bugs:\n\n * After an upgrade from Red Hat Enterprise Linux 6.3 to version 6.4, the\n upgrade script did not update the schema file for the PamConfig object\n class. Consequently, new features for PAM such as configuration of multiple\n instances and pamFilter attribute could not be used because of the schema\n violation. With this update, the upgrade script updates the schema file for\n the PamConfig object class and new features function properly. (BZ#910994)\n\n * Previously, the valgrind test suite reported recurring memory leaks in\n the modify_update_last_modified_attr() function. The size of the leaks\n averaged between 60-80 bytes per modify call. In environments where modify\n operations were frequent, this caused significant problems. Now, memory\n leaks no longer occur in the modify_update_last_modified_attr() function.\n (BZ#910995)\n\n * The Directory Server (DS) failed when multi-valued attributes were\n replaced. The problem occurred when replication was enabled, while the\n server executing the modification was configured as a single master and\n there was at least one replication agreement. Consequently, the\n modification requests were refused by the master server, which returned a\n code 20 'Type or value exists' error message. These requests were\n replacements of multi-valued attributes, and the error only occurred when\n one of the new values matched one of the current values of the attribute,\n but had a different letter case. Now, modification requests function\n properly and no longer return code 20 errors. (BZ#910996)\n\n * The DNA (distributed numeric assignment) plug-in, under certain\n conditions, could log error messages with the 'DB_LOCK_DEADLOCK' error\n code when attempting to create an entry with a uidNumber attribute. Now,\n DNA handles this case properly and errors no longer occur during attempts\n to create entries with uidNumber attributes. (BZ#911467)\n\n * Posix Winsync plugin was calling an internal mo ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"389-ds-base\", rpm:\"389-ds-base~1.2.11.15~12.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"389-ds-base-devel\", rpm:\"389-ds-base-devel~1.2.11.15~12.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"389-ds-base-libs\", rpm:\"389-ds-base-libs~1.2.11.15~12.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:35:54", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0312"], "description": "Oracle Linux Local Security Checks ELSA-2013-0628", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123669", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123669", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2013-0628", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2013-0628.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123669\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:07:02 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2013-0628\");\n script_tag(name:\"insight\", value:\"ELSA-2013-0628 - 389-ds-base security and bug fix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2013-0628\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2013-0628.html\");\n script_cve_id(\"CVE-2013-0312\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"389-ds-base\", rpm:\"389-ds-base~1.2.11.15~12.el6_4\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"389-ds-base-devel\", rpm:\"389-ds-base-devel~1.2.11.15~12.el6_4\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"389-ds-base-libs\", rpm:\"389-ds-base-libs~1.2.11.15~12.el6_4\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:38:20", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-1897"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2013-04-19T00:00:00", "id": "OPENVAS:1361412562310881716", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881716", "type": "openvas", "title": "CentOS Update for 389-ds-base CESA-2013:0742 centos6", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for 389-ds-base CESA-2013:0742 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_tag(name:\"affected\", value:\"389-ds-base on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"The 389 Directory Server is an LDAPv3 compliant server. The base packages\n include the Lightweight Directory Access Protocol (LDAP) server and\n command-line utilities for server administration.\n\n It was found that the 389 Directory Server did not properly restrict access\n to entries when the 'nsslapd-allow-anonymous-access' configuration setting\n was set to 'rootdse'. An anonymous user could connect to the LDAP database\n and, if the search scope is set to BASE, obtain access to information\n outside of the rootDSE. (CVE-2013-1897)\n\n This issue was discovered by Martin Kosek of Red Hat.\n\n This update also fixes the following bugs:\n\n * Previously, the schema-reload plug-in was not thread-safe. Consequently,\n executing the schema-reload.pl script under heavy load could have caused\n the ns-slapd process to terminate unexpectedly with a segmentation fault.\n Currently, the schema-reload plug-in is re-designed so that it is\n thread-safe, and the schema-reload.pl script can be executed along with\n other LDAP operations. (BZ#929107)\n\n * An out of scope problem for a local variable, in some cases, caused the\n modrdn operation to terminate unexpectedly with a segmentation fault. This\n update declares the local variable at the proper place of the function so\n it does not go out of scope, and the modrdn operation no longer crashes.\n (BZ#929111)\n\n * A task manually constructed an exact value to be removed from the\n configuration if the 'replica-force-cleaning' option was used.\n Consequently, the task configuration was not cleaned up, and every time the\n server was restarted, the task behaved in the described manner. This update\n searches the configuration for the exact value to delete, instead of\n manually building the value, and the task does not restart when the server\n is restarted. (BZ#929114)\n\n * Previously, a NULL pointer dereference could have occurred when\n attempting to get effective rights on an entry that did not exist, leading\n to an unexpected termination due to a segmentation fault. This update\n checks for NULL entry pointers and returns the appropriate error. Now,\n attempts to get effective rights on an entry that does not exist no longer\n causes crashes, and the server returns the appropriate error message.\n (BZ#929115)\n\n * A problem in the lock timing in the DNA plug-in caused a deadlock if the\n DNA operation was executed with other plug-ins. This update moves the\n release timing of the problematic lock, and the DNA plug-in does not cause\n the deadlock. (BZ#929196)\n\n All 389-ds-base users are advised to upgrade to these updated packages,\n which contain backported patches to correct these issues. After installing\n this update, the 389 server service will be restarted automatically.\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881716\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-04-19 10:05:37 +0530 (Fri, 19 Apr 2013)\");\n script_cve_id(\"CVE-2013-1897\");\n script_tag(name:\"cvss_base\", value:\"2.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_name(\"CentOS Update for 389-ds-base CESA-2013:0742 centos6\");\n\n script_xref(name:\"CESA\", value:\"2013:0742\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2013-April/019689.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the '389-ds-base'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"389-ds-base\", rpm:\"389-ds-base~1.2.11.15~14.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"389-ds-base-devel\", rpm:\"389-ds-base-devel~1.2.11.15~14.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"389-ds-base-libs\", rpm:\"389-ds-base-libs~1.2.11.15~14.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}], "fedora": [{"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0312", "CVE-2013-1897"], "description": "389 Directory Server is an LDAPv3 compliant server. The base package inclu des the LDAP server and command line utilities for server administration. ", "modified": "2013-04-03T04:32:01", "published": "2013-04-03T04:32:01", "id": "FEDORA:0DBE02087D", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 18 Update: 389-ds-base-1.3.0.5-1.fc18", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0312", "CVE-2013-2219", "CVE-2013-4283"], "description": "389 Directory Server is an LDAPv3 compliant server. The base package inclu des the LDAP server and command line utilities for server administration. ", "modified": "2013-08-30T22:56:20", "published": "2013-08-30T22:56:20", "id": "FEDORA:35CEE2170C", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 18 Update: 389-ds-base-1.3.0.8-1.fc18", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0312", "CVE-2013-2219", "CVE-2013-4283", "CVE-2013-4485"], "description": "389 Directory Server is an LDAPv3 compliant server. The base package inclu des the LDAP server and command line utilities for server administration. ", "modified": "2014-01-14T08:39:09", "published": "2014-01-14T08:39:09", "id": "FEDORA:18A1922140", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 18 Update: 389-ds-base-1.3.0.9-1.fc18", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2012-4546", "CVE-2012-5484", "CVE-2013-0199", "CVE-2013-0336", "CVE-2013-1897"], "description": "IPA is an integrated solution to provide centrally managed Identity (machin e, user, virtual machines, groups, authentication credentials), Policy (configuration settings, access control information) and Audit (events, logs, analysis thereof). ", "modified": "2013-04-11T10:07:12", "published": "2013-04-11T10:07:12", "id": "FEDORA:CBCD42112D", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 18 Update: freeipa-3.1.3-4.fc18", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}], "centos": [{"lastseen": "2019-12-20T18:27:05", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0312"], "description": "**CentOS Errata and Security Advisory** CESA-2013:0628\n\n\nThe 389 Directory Server is an LDAPv3 compliant server. The base packages\ninclude the Lightweight Directory Access Protocol (LDAP) server and\ncommand-line utilities for server administration.\n\nA flaw was found in the way LDAPv3 control data was handled by 389\nDirectory Server. If a malicious user were able to bind to the directory\n(even anonymously) and send an LDAP request containing crafted LDAPv3\ncontrol data, they could cause the server to crash, denying service to the\ndirectory. (CVE-2013-0312)\n\nThe CVE-2013-0312 issue was discovered by Thierry Bordaz of Red Hat.\n\nThis update also fixes the following bugs:\n\n* After an upgrade from Red Hat Enterprise Linux 6.3 to version 6.4, the\nupgrade script did not update the schema file for the PamConfig object\nclass. Consequently, new features for PAM such as configuration of multiple\ninstances and pamFilter attribute could not be used because of the schema\nviolation. With this update, the upgrade script updates the schema file for\nthe PamConfig object class and new features function properly. (BZ#910994)\n\n* Previously, the valgrind test suite reported recurring memory leaks in\nthe modify_update_last_modified_attr() function. The size of the leaks\naveraged between 60-80 bytes per modify call. In environments where modify\noperations were frequent, this caused significant problems. Now, memory\nleaks no longer occur in the modify_update_last_modified_attr() function.\n(BZ#910995)\n\n* The Directory Server (DS) failed when multi-valued attributes were\nreplaced. The problem occurred when replication was enabled, while the\nserver executing the modification was configured as a single master and\nthere was at least one replication agreement. Consequently, the\nmodification requests were refused by the master server, which returned a\ncode 20 \"Type or value exists\" error message. These requests were\nreplacements of multi-valued attributes, and the error only occurred when\none of the new values matched one of the current values of the attribute,\nbut had a different letter case. Now, modification requests function\nproperly and no longer return code 20 errors. (BZ#910996)\n\n* The DNA (distributed numeric assignment) plug-in, under certain\nconditions, could log error messages with the \"DB_LOCK_DEADLOCK\" error\ncode when attempting to create an entry with a uidNumber attribute. Now,\nDNA handles this case properly and errors no longer occur during attempts\nto create entries with uidNumber attributes. (BZ#911467)\n\n* Posix Winsync plugin was calling an internal modify function which was\nnot necessary. The internal modify call failed and logged an error message\n\"slapi_modify_internal_set_pb: NULL parameter\" which was not clear. This\npatch stops calling the internal modify function if it is not necessary and\nthe cryptic error message is not observed. (BZ#911468)\n\n* Previously, under certain conditions, the dse.ldif file had 0 bytes after\na server termination or when the machine was powered off. Consequently,\nafter the system was brought up, a DS or IdM system could be unable to\nrestart, leading to production server outages. Now, the server mechanism by\nwhich the dse.ldif is written is more robust, and tries all available\nbackup dse.ldif files, and outages no longer occur. (BZ#911469)\n\n* Due to an incorrect interpretation of an error code, a directory server\nconsidered an invalid chaining configuration setting as the disk full error\nand shut down unexpectedly. Now, a more appropriate error code is in use\nand the server no longer shuts down from invalid chaining configuration\nsettings. (BZ#911474)\n\n* While trying to remove a tombstone entry, the ns-slapd daemon terminated\nunexpectedly with a segmentation fault. With this update, removal of\ntombstone entries no longer causes crashes. (BZ#914305)\n\nAll 389-ds-base users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. After installing\nthis update, the 389 server service will be restarted automatically.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2013-March/031679.html\n\n**Affected packages:**\n389-ds-base\n389-ds-base-devel\n389-ds-base-libs\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2013-0628.html", "edition": 3, "modified": "2013-03-12T05:32:01", "published": "2013-03-12T05:32:01", "href": "http://lists.centos.org/pipermail/centos-announce/2013-March/031679.html", "id": "CESA-2013:0628", "title": "389 security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-12-20T18:26:10", "bulletinFamily": "unix", "cvelist": ["CVE-2013-1897"], "description": "**CentOS Errata and Security Advisory** CESA-2013:0742\n\n\nThe 389 Directory Server is an LDAPv3 compliant server. The base packages\ninclude the Lightweight Directory Access Protocol (LDAP) server and\ncommand-line utilities for server administration.\n \nIt was found that the 389 Directory Server did not properly restrict access\nto entries when the \"nsslapd-allow-anonymous-access\" configuration setting\nwas set to \"rootdse\". An anonymous user could connect to the LDAP database\nand, if the search scope is set to BASE, obtain access to information\noutside of the rootDSE. (CVE-2013-1897)\n\nThis issue was discovered by Martin Kosek of Red Hat.\n\nThis update also fixes the following bugs:\n\n* Previously, the schema-reload plug-in was not thread-safe. Consequently,\nexecuting the schema-reload.pl script under heavy load could have caused\nthe ns-slapd process to terminate unexpectedly with a segmentation fault.\nCurrently, the schema-reload plug-in is re-designed so that it is\nthread-safe, and the schema-reload.pl script can be executed along with\nother LDAP operations. (BZ#929107)\n\n* An out of scope problem for a local variable, in some cases, caused the\nmodrdn operation to terminate unexpectedly with a segmentation fault. This\nupdate declares the local variable at the proper place of the function so\nit does not go out of scope, and the modrdn operation no longer crashes.\n(BZ#929111)\n\n* A task manually constructed an exact value to be removed from the\nconfiguration if the \"replica-force-cleaning\" option was used.\nConsequently, the task configuration was not cleaned up, and every time the\nserver was restarted, the task behaved in the described manner. This update\nsearches the configuration for the exact value to delete, instead of\nmanually building the value, and the task does not restart when the server\nis restarted. (BZ#929114)\n\n* Previously, a NULL pointer dereference could have occurred when\nattempting to get effective rights on an entry that did not exist, leading\nto an unexpected termination due to a segmentation fault. This update\nchecks for NULL entry pointers and returns the appropriate error. Now,\nattempts to get effective rights on an entry that does not exist no longer\ncauses crashes, and the server returns the appropriate error message.\n(BZ#929115)\n\n* A problem in the lock timing in the DNA plug-in caused a deadlock if the\nDNA operation was executed with other plug-ins. This update moves the\nrelease timing of the problematic lock, and the DNA plug-in does not cause\nthe deadlock. (BZ#929196)\n\nAll 389-ds-base users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. After installing\nthis update, the 389 server service will be restarted automatically.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2013-April/031727.html\n\n**Affected packages:**\n389-ds-base\n389-ds-base-devel\n389-ds-base-libs\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2013-0742.html", "edition": 3, "modified": "2013-04-16T11:10:18", "published": "2013-04-16T11:10:18", "href": "http://lists.centos.org/pipermail/centos-announce/2013-April/031727.html", "id": "CESA-2013:0742", "title": "389 security update", "type": "centos", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}], "redhat": [{"lastseen": "2019-08-13T18:46:33", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0312"], "description": "The 389 Directory Server is an LDAPv3 compliant server. The base packages\ninclude the Lightweight Directory Access Protocol (LDAP) server and\ncommand-line utilities for server administration.\n\nA flaw was found in the way LDAPv3 control data was handled by 389\nDirectory Server. If a malicious user were able to bind to the directory\n(even anonymously) and send an LDAP request containing crafted LDAPv3\ncontrol data, they could cause the server to crash, denying service to the\ndirectory. (CVE-2013-0312)\n\nThe CVE-2013-0312 issue was discovered by Thierry Bordaz of Red Hat.\n\nThis update also fixes the following bugs:\n\n* After an upgrade from Red Hat Enterprise Linux 6.3 to version 6.4, the\nupgrade script did not update the schema file for the PamConfig object\nclass. Consequently, new features for PAM such as configuration of multiple\ninstances and pamFilter attribute could not be used because of the schema\nviolation. With this update, the upgrade script updates the schema file for\nthe PamConfig object class and new features function properly. (BZ#910994)\n\n* Previously, the valgrind test suite reported recurring memory leaks in\nthe modify_update_last_modified_attr() function. The size of the leaks\naveraged between 60-80 bytes per modify call. In environments where modify\noperations were frequent, this caused significant problems. Now, memory\nleaks no longer occur in the modify_update_last_modified_attr() function.\n(BZ#910995)\n\n* The Directory Server (DS) failed when multi-valued attributes were\nreplaced. The problem occurred when replication was enabled, while the\nserver executing the modification was configured as a single master and\nthere was at least one replication agreement. Consequently, the\nmodification requests were refused by the master server, which returned a\ncode 20 \"Type or value exists\" error message. These requests were\nreplacements of multi-valued attributes, and the error only occurred when\none of the new values matched one of the current values of the attribute,\nbut had a different letter case. Now, modification requests function\nproperly and no longer return code 20 errors. (BZ#910996)\n\n* The DNA (distributed numeric assignment) plug-in, under certain\nconditions, could log error messages with the \"DB_LOCK_DEADLOCK\" error\ncode when attempting to create an entry with a uidNumber attribute. Now,\nDNA handles this case properly and errors no longer occur during attempts\nto create entries with uidNumber attributes. (BZ#911467)\n\n* Posix Winsync plugin was calling an internal modify function which was\nnot necessary. The internal modify call failed and logged an error message\n\"slapi_modify_internal_set_pb: NULL parameter\" which was not clear. This\npatch stops calling the internal modify function if it is not necessary and\nthe cryptic error message is not observed. (BZ#911468)\n\n* Previously, under certain conditions, the dse.ldif file had 0 bytes after\na server termination or when the machine was powered off. Consequently,\nafter the system was brought up, a DS or IdM system could be unable to\nrestart, leading to production server outages. Now, the server mechanism by\nwhich the dse.ldif is written is more robust, and tries all available\nbackup dse.ldif files, and outages no longer occur. (BZ#911469)\n\n* Due to an incorrect interpretation of an error code, a directory server\nconsidered an invalid chaining configuration setting as the disk full error\nand shut down unexpectedly. Now, a more appropriate error code is in use\nand the server no longer shuts down from invalid chaining configuration\nsettings. (BZ#911474)\n\n* While trying to remove a tombstone entry, the ns-slapd daemon terminated\nunexpectedly with a segmentation fault. With this update, removal of\ntombstone entries no longer causes crashes. (BZ#914305)\n\nAll 389-ds-base users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. After installing\nthis update, the 389 server service will be restarted automatically.\n", "modified": "2018-06-06T20:24:31", "published": "2013-03-11T04:00:00", "id": "RHSA-2013:0628", "href": "https://access.redhat.com/errata/RHSA-2013:0628", "type": "redhat", "title": "(RHSA-2013:0628) Moderate: 389-ds-base security and bug fix update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-08-13T18:45:36", "bulletinFamily": "unix", "cvelist": ["CVE-2013-1897"], "description": "The 389 Directory Server is an LDAPv3 compliant server. The base packages\ninclude the Lightweight Directory Access Protocol (LDAP) server and\ncommand-line utilities for server administration.\n \nIt was found that the 389 Directory Server did not properly restrict access\nto entries when the \"nsslapd-allow-anonymous-access\" configuration setting\nwas set to \"rootdse\". An anonymous user could connect to the LDAP database\nand, if the search scope is set to BASE, obtain access to information\noutside of the rootDSE. (CVE-2013-1897)\n\nThis issue was discovered by Martin Kosek of Red Hat.\n\nThis update also fixes the following bugs:\n\n* Previously, the schema-reload plug-in was not thread-safe. Consequently,\nexecuting the schema-reload.pl script under heavy load could have caused\nthe ns-slapd process to terminate unexpectedly with a segmentation fault.\nCurrently, the schema-reload plug-in is re-designed so that it is\nthread-safe, and the schema-reload.pl script can be executed along with\nother LDAP operations. (BZ#929107)\n\n* An out of scope problem for a local variable, in some cases, caused the\nmodrdn operation to terminate unexpectedly with a segmentation fault. This\nupdate declares the local variable at the proper place of the function so\nit does not go out of scope, and the modrdn operation no longer crashes.\n(BZ#929111)\n\n* A task manually constructed an exact value to be removed from the\nconfiguration if the \"replica-force-cleaning\" option was used.\nConsequently, the task configuration was not cleaned up, and every time the\nserver was restarted, the task behaved in the described manner. This update\nsearches the configuration for the exact value to delete, instead of\nmanually building the value, and the task does not restart when the server\nis restarted. (BZ#929114)\n\n* Previously, a NULL pointer dereference could have occurred when\nattempting to get effective rights on an entry that did not exist, leading\nto an unexpected termination due to a segmentation fault. This update\nchecks for NULL entry pointers and returns the appropriate error. Now,\nattempts to get effective rights on an entry that does not exist no longer\ncauses crashes, and the server returns the appropriate error message.\n(BZ#929115)\n\n* A problem in the lock timing in the DNA plug-in caused a deadlock if the\nDNA operation was executed with other plug-ins. This update moves the\nrelease timing of the problematic lock, and the DNA plug-in does not cause\nthe deadlock. (BZ#929196)\n\nAll 389-ds-base users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. After installing\nthis update, the 389 server service will be restarted automatically.\n", "modified": "2018-06-06T20:24:26", "published": "2013-04-15T04:00:00", "id": "RHSA-2013:0742", "href": "https://access.redhat.com/errata/RHSA-2013:0742", "type": "redhat", "title": "(RHSA-2013:0742) Low: 389-ds-base security and bug fix update", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:35:46", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0312"], "description": "[1.2.11.15-12]\n- Resolves: Bug 910994 - PamConfig schema not updated during upgrade\n- Resolves: Bug 910995 - Valgrind reports memleak in modify_update_last_modified_attr\n- Resolves: Bug 910996 - DS returns error 20 when replacing values of a multi-valued attribute (only when replication is enabled)\n- Resolves: Bug 911467 - DNA: use event queue for config update only at the start up\n- Resolves: Bug 911468 - Error messages encountered when using POSIX winsync\n- Resolves: Bug 911469 - dse.ldif is 0 length after server kill or machine kill\n- Resolves: Bug 911474 - Invalid chaining config triggers a disk full error and shutdown\n- Resolves: Bug 914305 - ns-slapd segfaults while trying to delete a tombstone entry\n- Resolves: Bug 913228 - unauthenticated denial of service vulnerability in handling of LDAPv3 control data", "edition": 4, "modified": "2013-03-11T00:00:00", "published": "2013-03-11T00:00:00", "id": "ELSA-2013-0628", "href": "http://linux.oracle.com/errata/ELSA-2013-0628.html", "title": "389-ds-base security and bug fix update", "type": "oraclelinux", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:38:46", "bulletinFamily": "unix", "cvelist": ["CVE-2013-1897"], "description": "[1.2.11.15-14]\n- Resolves: Bug 929107 - ns-slapd crashes sporadically with segmentation fault in libslapd.so (ticket 627)\n- Resolves: Bug 929114 - cleanAllRUV task fails to cleanup config upon completion (ticket 623)\n[1.2.11.15-13]\n- Resolves: Bug 929114 - cleanAllRUV task fails to cleanup config upon completion (ticket 623)\n- Resolves: Bug 929111 - Coverity issue 13091\n- Resolves: Bug 929196 - Deadlock in DNA plug-in (ticket 634)\n- Resolves: Bug 929107 - ns-slapd crashes sporadically with segmentation fault in libslapd.so (ticket 627)\n- Resolves: Bug 929115 - crash in aci evaluation (ticket 628)\n- Resolves: Bug 923240 - unintended information exposure when anonymous access is set to rootdse (ticket 47308)", "edition": 4, "modified": "2013-04-15T00:00:00", "published": "2013-04-15T00:00:00", "id": "ELSA-2013-0742", "href": "http://linux.oracle.com/errata/ELSA-2013-0742.html", "title": "389-ds-base security and bug fix update", "type": "oraclelinux", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}], "nessus": [{"lastseen": "2021-01-17T13:12:09", "description": "Updated 389-ds-base packages that fix one security issue and multiple\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nThe 389 Directory Server is an LDAPv3 compliant server. The base\npackages include the Lightweight Directory Access Protocol (LDAP)\nserver and command-line utilities for server administration.\n\nA flaw was found in the way LDAPv3 control data was handled by 389\nDirectory Server. If a malicious user were able to bind to the\ndirectory (even anonymously) and send an LDAP request containing\ncrafted LDAPv3 control data, they could cause the server to crash,\ndenying service to the directory. (CVE-2013-0312)\n\nThe CVE-2013-0312 issue was discovered by Thierry Bordaz of Red Hat.\n\nThis update also fixes the following bugs :\n\n* After an upgrade from Red Hat Enterprise Linux 6.3 to version 6.4,\nthe upgrade script did not update the schema file for the PamConfig\nobject class. Consequently, new features for PAM such as configuration\nof multiple instances and pamFilter attribute could not be used\nbecause of the schema violation. With this update, the upgrade script\nupdates the schema file for the PamConfig object class and new\nfeatures function properly. (BZ#910994)\n\n* Previously, the valgrind test suite reported recurring memory leaks\nin the modify_update_last_modified_attr() function. The size of the\nleaks averaged between 60-80 bytes per modify call. In environments\nwhere modify operations were frequent, this caused significant\nproblems. Now, memory leaks no longer occur in the\nmodify_update_last_modified_attr() function. (BZ#910995)\n\n* The Directory Server (DS) failed when multi-valued attributes were\nreplaced. The problem occurred when replication was enabled, while the\nserver executing the modification was configured as a single master\nand there was at least one replication agreement. Consequently, the\nmodification requests were refused by the master server, which\nreturned a code 20 'Type or value exists' error message. These\nrequests were replacements of multi-valued attributes, and the error\nonly occurred when one of the new values matched one of the current\nvalues of the attribute, but had a different letter case. Now,\nmodification requests function properly and no longer return code 20\nerrors. (BZ#910996)\n\n* The DNA (distributed numeric assignment) plug-in, under certain\nconditions, could log error messages with the 'DB_LOCK_DEADLOCK' error\ncode when attempting to create an entry with a uidNumber attribute.\nNow, DNA handles this case properly and errors no longer occur during\nattempts to create entries with uidNumber attributes. (BZ#911467)\n\n* Posix Winsync plugin was calling an internal modify function which\nwas not necessary. The internal modify call failed and logged an error\nmessage 'slapi_modify_internal_set_pb: NULL parameter' which was not\nclear. This patch stops calling the internal modify function if it is\nnot necessary and the cryptic error message is not observed.\n(BZ#911468)\n\n* Previously, under certain conditions, the dse.ldif file had 0 bytes\nafter a server termination or when the machine was powered off.\nConsequently, after the system was brought up, a DS or IdM system\ncould be unable to restart, leading to production server outages. Now,\nthe server mechanism by which the dse.ldif is written is more robust,\nand tries all available backup dse.ldif files, and outages no longer\noccur. (BZ#911469)\n\n* Due to an incorrect interpretation of an error code, a directory\nserver considered an invalid chaining configuration setting as the\ndisk full error and shut down unexpectedly. Now, a more appropriate\nerror code is in use and the server no longer shuts down from invalid\nchaining configuration settings. (BZ#911474)\n\n* While trying to remove a tombstone entry, the ns-slapd daemon\nterminated unexpectedly with a segmentation fault. With this update,\nremoval of tombstone entries no longer causes crashes. (BZ#914305)\n\nAll 389-ds-base users are advised to upgrade to these updated\npackages, which contain backported patches to correct these issues.\nAfter installing this update, the 389 server service will be restarted\nautomatically.", "edition": 25, "published": "2013-03-12T00:00:00", "title": "RHEL 6 : 389-ds-base (RHSA-2013:0628)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0312"], "modified": "2013-03-12T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:6.4", "p-cpe:/a:redhat:enterprise_linux:389-ds-base-debuginfo", "p-cpe:/a:redhat:enterprise_linux:389-ds-base-libs", "p-cpe:/a:redhat:enterprise_linux:389-ds-base", "cpe:/o:redhat:enterprise_linux:6", "p-cpe:/a:redhat:enterprise_linux:389-ds-base-devel"], "id": "REDHAT-RHSA-2013-0628.NASL", "href": "https://www.tenable.com/plugins/nessus/65206", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0628. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65206);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2013-0312\");\n script_bugtraq_id(58428);\n script_xref(name:\"RHSA\", value:\"2013:0628\");\n\n script_name(english:\"RHEL 6 : 389-ds-base (RHSA-2013:0628)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated 389-ds-base packages that fix one security issue and multiple\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nThe 389 Directory Server is an LDAPv3 compliant server. The base\npackages include the Lightweight Directory Access Protocol (LDAP)\nserver and command-line utilities for server administration.\n\nA flaw was found in the way LDAPv3 control data was handled by 389\nDirectory Server. If a malicious user were able to bind to the\ndirectory (even anonymously) and send an LDAP request containing\ncrafted LDAPv3 control data, they could cause the server to crash,\ndenying service to the directory. (CVE-2013-0312)\n\nThe CVE-2013-0312 issue was discovered by Thierry Bordaz of Red Hat.\n\nThis update also fixes the following bugs :\n\n* After an upgrade from Red Hat Enterprise Linux 6.3 to version 6.4,\nthe upgrade script did not update the schema file for the PamConfig\nobject class. Consequently, new features for PAM such as configuration\nof multiple instances and pamFilter attribute could not be used\nbecause of the schema violation. With this update, the upgrade script\nupdates the schema file for the PamConfig object class and new\nfeatures function properly. (BZ#910994)\n\n* Previously, the valgrind test suite reported recurring memory leaks\nin the modify_update_last_modified_attr() function. The size of the\nleaks averaged between 60-80 bytes per modify call. In environments\nwhere modify operations were frequent, this caused significant\nproblems. Now, memory leaks no longer occur in the\nmodify_update_last_modified_attr() function. (BZ#910995)\n\n* The Directory Server (DS) failed when multi-valued attributes were\nreplaced. The problem occurred when replication was enabled, while the\nserver executing the modification was configured as a single master\nand there was at least one replication agreement. Consequently, the\nmodification requests were refused by the master server, which\nreturned a code 20 'Type or value exists' error message. These\nrequests were replacements of multi-valued attributes, and the error\nonly occurred when one of the new values matched one of the current\nvalues of the attribute, but had a different letter case. Now,\nmodification requests function properly and no longer return code 20\nerrors. (BZ#910996)\n\n* The DNA (distributed numeric assignment) plug-in, under certain\nconditions, could log error messages with the 'DB_LOCK_DEADLOCK' error\ncode when attempting to create an entry with a uidNumber attribute.\nNow, DNA handles this case properly and errors no longer occur during\nattempts to create entries with uidNumber attributes. (BZ#911467)\n\n* Posix Winsync plugin was calling an internal modify function which\nwas not necessary. The internal modify call failed and logged an error\nmessage 'slapi_modify_internal_set_pb: NULL parameter' which was not\nclear. This patch stops calling the internal modify function if it is\nnot necessary and the cryptic error message is not observed.\n(BZ#911468)\n\n* Previously, under certain conditions, the dse.ldif file had 0 bytes\nafter a server termination or when the machine was powered off.\nConsequently, after the system was brought up, a DS or IdM system\ncould be unable to restart, leading to production server outages. Now,\nthe server mechanism by which the dse.ldif is written is more robust,\nand tries all available backup dse.ldif files, and outages no longer\noccur. (BZ#911469)\n\n* Due to an incorrect interpretation of an error code, a directory\nserver considered an invalid chaining configuration setting as the\ndisk full error and shut down unexpectedly. Now, a more appropriate\nerror code is in use and the server no longer shuts down from invalid\nchaining configuration settings. (BZ#911474)\n\n* While trying to remove a tombstone entry, the ns-slapd daemon\nterminated unexpectedly with a segmentation fault. With this update,\nremoval of tombstone entries no longer causes crashes. (BZ#914305)\n\nAll 389-ds-base users are advised to upgrade to these updated\npackages, which contain backported patches to correct these issues.\nAfter installing this update, the 389 server service will be restarted\nautomatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2013:0628\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-0312\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:389-ds-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:389-ds-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:389-ds-base-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:389-ds-base-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2013:0628\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"389-ds-base-1.2.11.15-12.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"389-ds-base-1.2.11.15-12.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"389-ds-base-debuginfo-1.2.11.15-12.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"389-ds-base-debuginfo-1.2.11.15-12.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"389-ds-base-devel-1.2.11.15-12.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"389-ds-base-devel-1.2.11.15-12.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"389-ds-base-libs-1.2.11.15-12.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"389-ds-base-libs-1.2.11.15-12.el6_4\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"389-ds-base / 389-ds-base-debuginfo / 389-ds-base-devel / etc\");\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T12:47:49", "description": "From Red Hat Security Advisory 2013:0628 :\n\nUpdated 389-ds-base packages that fix one security issue and multiple\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nThe 389 Directory Server is an LDAPv3 compliant server. The base\npackages include the Lightweight Directory Access Protocol (LDAP)\nserver and command-line utilities for server administration.\n\nA flaw was found in the way LDAPv3 control data was handled by 389\nDirectory Server. If a malicious user were able to bind to the\ndirectory (even anonymously) and send an LDAP request containing\ncrafted LDAPv3 control data, they could cause the server to crash,\ndenying service to the directory. (CVE-2013-0312)\n\nThe CVE-2013-0312 issue was discovered by Thierry Bordaz of Red Hat.\n\nThis update also fixes the following bugs :\n\n* After an upgrade from Red Hat Enterprise Linux 6.3 to version 6.4,\nthe upgrade script did not update the schema file for the PamConfig\nobject class. Consequently, new features for PAM such as configuration\nof multiple instances and pamFilter attribute could not be used\nbecause of the schema violation. With this update, the upgrade script\nupdates the schema file for the PamConfig object class and new\nfeatures function properly. (BZ#910994)\n\n* Previously, the valgrind test suite reported recurring memory leaks\nin the modify_update_last_modified_attr() function. The size of the\nleaks averaged between 60-80 bytes per modify call. In environments\nwhere modify operations were frequent, this caused significant\nproblems. Now, memory leaks no longer occur in the\nmodify_update_last_modified_attr() function. (BZ#910995)\n\n* The Directory Server (DS) failed when multi-valued attributes were\nreplaced. The problem occurred when replication was enabled, while the\nserver executing the modification was configured as a single master\nand there was at least one replication agreement. Consequently, the\nmodification requests were refused by the master server, which\nreturned a code 20 'Type or value exists' error message. These\nrequests were replacements of multi-valued attributes, and the error\nonly occurred when one of the new values matched one of the current\nvalues of the attribute, but had a different letter case. Now,\nmodification requests function properly and no longer return code 20\nerrors. (BZ#910996)\n\n* The DNA (distributed numeric assignment) plug-in, under certain\nconditions, could log error messages with the 'DB_LOCK_DEADLOCK' error\ncode when attempting to create an entry with a uidNumber attribute.\nNow, DNA handles this case properly and errors no longer occur during\nattempts to create entries with uidNumber attributes. (BZ#911467)\n\n* Posix Winsync plugin was calling an internal modify function which\nwas not necessary. The internal modify call failed and logged an error\nmessage 'slapi_modify_internal_set_pb: NULL parameter' which was not\nclear. This patch stops calling the internal modify function if it is\nnot necessary and the cryptic error message is not observed.\n(BZ#911468)\n\n* Previously, under certain conditions, the dse.ldif file had 0 bytes\nafter a server termination or when the machine was powered off.\nConsequently, after the system was brought up, a DS or IdM system\ncould be unable to restart, leading to production server outages. Now,\nthe server mechanism by which the dse.ldif is written is more robust,\nand tries all available backup dse.ldif files, and outages no longer\noccur. (BZ#911469)\n\n* Due to an incorrect interpretation of an error code, a directory\nserver considered an invalid chaining configuration setting as the\ndisk full error and shut down unexpectedly. Now, a more appropriate\nerror code is in use and the server no longer shuts down from invalid\nchaining configuration settings. (BZ#911474)\n\n* While trying to remove a tombstone entry, the ns-slapd daemon\nterminated unexpectedly with a segmentation fault. With this update,\nremoval of tombstone entries no longer causes crashes. (BZ#914305)\n\nAll 389-ds-base users are advised to upgrade to these updated\npackages, which contain backported patches to correct these issues.\nAfter installing this update, the 389 server service will be restarted\nautomatically.", "edition": 22, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 6 : 389-ds-base (ELSA-2013-0628)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0312"], "modified": "2013-07-12T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:389-ds-base-devel", "p-cpe:/a:oracle:linux:389-ds-base-libs", "p-cpe:/a:oracle:linux:389-ds-base"], "id": "ORACLELINUX_ELSA-2013-0628.NASL", "href": "https://www.tenable.com/plugins/nessus/68788", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2013:0628 and \n# Oracle Linux Security Advisory ELSA-2013-0628 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68788);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2013-0312\");\n script_bugtraq_id(58428);\n script_xref(name:\"RHSA\", value:\"2013:0628\");\n\n script_name(english:\"Oracle Linux 6 : 389-ds-base (ELSA-2013-0628)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2013:0628 :\n\nUpdated 389-ds-base packages that fix one security issue and multiple\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nThe 389 Directory Server is an LDAPv3 compliant server. The base\npackages include the Lightweight Directory Access Protocol (LDAP)\nserver and command-line utilities for server administration.\n\nA flaw was found in the way LDAPv3 control data was handled by 389\nDirectory Server. If a malicious user were able to bind to the\ndirectory (even anonymously) and send an LDAP request containing\ncrafted LDAPv3 control data, they could cause the server to crash,\ndenying service to the directory. (CVE-2013-0312)\n\nThe CVE-2013-0312 issue was discovered by Thierry Bordaz of Red Hat.\n\nThis update also fixes the following bugs :\n\n* After an upgrade from Red Hat Enterprise Linux 6.3 to version 6.4,\nthe upgrade script did not update the schema file for the PamConfig\nobject class. Consequently, new features for PAM such as configuration\nof multiple instances and pamFilter attribute could not be used\nbecause of the schema violation. With this update, the upgrade script\nupdates the schema file for the PamConfig object class and new\nfeatures function properly. (BZ#910994)\n\n* Previously, the valgrind test suite reported recurring memory leaks\nin the modify_update_last_modified_attr() function. The size of the\nleaks averaged between 60-80 bytes per modify call. In environments\nwhere modify operations were frequent, this caused significant\nproblems. Now, memory leaks no longer occur in the\nmodify_update_last_modified_attr() function. (BZ#910995)\n\n* The Directory Server (DS) failed when multi-valued attributes were\nreplaced. The problem occurred when replication was enabled, while the\nserver executing the modification was configured as a single master\nand there was at least one replication agreement. Consequently, the\nmodification requests were refused by the master server, which\nreturned a code 20 'Type or value exists' error message. These\nrequests were replacements of multi-valued attributes, and the error\nonly occurred when one of the new values matched one of the current\nvalues of the attribute, but had a different letter case. Now,\nmodification requests function properly and no longer return code 20\nerrors. (BZ#910996)\n\n* The DNA (distributed numeric assignment) plug-in, under certain\nconditions, could log error messages with the 'DB_LOCK_DEADLOCK' error\ncode when attempting to create an entry with a uidNumber attribute.\nNow, DNA handles this case properly and errors no longer occur during\nattempts to create entries with uidNumber attributes. (BZ#911467)\n\n* Posix Winsync plugin was calling an internal modify function which\nwas not necessary. The internal modify call failed and logged an error\nmessage 'slapi_modify_internal_set_pb: NULL parameter' which was not\nclear. This patch stops calling the internal modify function if it is\nnot necessary and the cryptic error message is not observed.\n(BZ#911468)\n\n* Previously, under certain conditions, the dse.ldif file had 0 bytes\nafter a server termination or when the machine was powered off.\nConsequently, after the system was brought up, a DS or IdM system\ncould be unable to restart, leading to production server outages. Now,\nthe server mechanism by which the dse.ldif is written is more robust,\nand tries all available backup dse.ldif files, and outages no longer\noccur. (BZ#911469)\n\n* Due to an incorrect interpretation of an error code, a directory\nserver considered an invalid chaining configuration setting as the\ndisk full error and shut down unexpectedly. Now, a more appropriate\nerror code is in use and the server no longer shuts down from invalid\nchaining configuration settings. (BZ#911474)\n\n* While trying to remove a tombstone entry, the ns-slapd daemon\nterminated unexpectedly with a segmentation fault. With this update,\nremoval of tombstone entries no longer causes crashes. (BZ#914305)\n\nAll 389-ds-base users are advised to upgrade to these updated\npackages, which contain backported patches to correct these issues.\nAfter installing this update, the 389 server service will be restarted\nautomatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2013-March/003352.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 389-ds-base packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:389-ds-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:389-ds-base-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:389-ds-base-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"389-ds-base-1.2.11.15-12.el6_4\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"389-ds-base-devel-1.2.11.15-12.el6_4\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"389-ds-base-libs-1.2.11.15-12.el6_4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"389-ds-base / 389-ds-base-devel / 389-ds-base-libs\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T13:47:28", "description": "A flaw was found in the way LDAPv3 control data was handled by 389\nDirectory Server. If a malicious user were able to bind to the\ndirectory (even anonymously) and send an LDAP request containing\ncrafted LDAPv3 control data, they could cause the server to crash,\ndenying service to the directory. (CVE-2013-0312)\n\nThis update also fixes the following bugs :\n\n - After an upgrade from Scientific Linux 6.3 to version\n 6.4, the upgrade script did not update the schema file\n for the PamConfig object class. Consequently, new\n features for PAM such as configuration of multiple\n instances and pamFilter attribute could not be used\n because of the schema violation. With this update, the\n upgrade script updates the schema file for the PamConfig\n object class and new features function properly.\n\n - Previously, the valgrind test suite reported recurring\n memory leaks in the modify_update_last_modified_attr()\n function. The size of the leaks averaged between 60-80\n bytes per modify call. In environments where modify\n operations were frequent, this caused significant\n problems. Now, memory leaks no longer occur in the\n modify_update_last_modified_attr() function.\n\n - The Directory Server (DS) failed when multi-valued\n attributes were replaced. The problem occurred when\n replication was enabled, while the server executing the\n modification was configured as a single master and there\n was at least one replication agreement. Consequently,\n the modification requests were refused by the master\n server, which returned a code 20 'Type or value exists'\n error message. These requests were replacements of\n multi-valued attributes, and the error only occurred\n when one of the new values matched one of the current\n values of the attribute, but had a different letter\n case. Now, modification requests function properly and\n no longer return code 20 errors.\n\n - The DNA (distributed numeric assignment) plug-in, under\n certain conditions, could log error messages with the\n 'DB_LOCK_DEADLOCK' error code when attempting to create\n an entry with a uidNumber attribute. Now, DNA handles\n this case properly and errors no longer occur during\n attempts to create entries with uidNumber attributes.\n\n - Posix Winsync plugin was calling an internal modify\n function which was not necessary. The internal modify\n call failed and logged an error message\n 'slapi_modify_internal_set_pb: NULL parameter' which was\n not clear. This patch stops calling the internal modify\n function if it is not necessary and the cryptic error\n message is not observed.\n\n - Previously, under certain conditions, the dse.ldif file\n had 0 bytes after a server termination or when the\n machine was powered off. Consequently, after the system\n was brought up, a DS or IdM system could be unable to\n restart, leading to production server outages. Now, the\n server mechanism by which the dse.ldif is written is\n more robust, and tries all available backup dse.ldif\n files, and outages no longer occur.\n\n - Due to an incorrect interpretation of an error code, a\n directory server considered an invalid chaining\n configuration setting as the disk full error and shut\n down unexpectedly. Now, a more appropriate error code is\n in use and the server no longer shuts down from invalid\n chaining configuration settings.\n\n - While trying to remove a tombstone entry, the ns-slapd\n daemon terminated unexpectedly with a segmentation\n fault. With this update, removal of tombstone entries no\n longer causes crashes.\n\nAfter installing this update, the 389 server service will be restarted\nautomatically.", "edition": 16, "published": "2013-03-13T00:00:00", "title": "Scientific Linux Security Update : 389-ds-base on SL6.x i386/x86_64 (20130311)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0312"], "modified": "2013-03-13T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:389-ds-base-devel", "p-cpe:/a:fermilab:scientific_linux:389-ds-base-debuginfo", "p-cpe:/a:fermilab:scientific_linux:389-ds-base-libs", "x-cpe:/o:fermilab:scientific_linux", "p-cpe:/a:fermilab:scientific_linux:389-ds-base"], "id": "SL_20130311_389_DS_BASE_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/65240", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65240);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2013-0312\");\n\n script_name(english:\"Scientific Linux Security Update : 389-ds-base on SL6.x i386/x86_64 (20130311)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw was found in the way LDAPv3 control data was handled by 389\nDirectory Server. If a malicious user were able to bind to the\ndirectory (even anonymously) and send an LDAP request containing\ncrafted LDAPv3 control data, they could cause the server to crash,\ndenying service to the directory. (CVE-2013-0312)\n\nThis update also fixes the following bugs :\n\n - After an upgrade from Scientific Linux 6.3 to version\n 6.4, the upgrade script did not update the schema file\n for the PamConfig object class. Consequently, new\n features for PAM such as configuration of multiple\n instances and pamFilter attribute could not be used\n because of the schema violation. With this update, the\n upgrade script updates the schema file for the PamConfig\n object class and new features function properly.\n\n - Previously, the valgrind test suite reported recurring\n memory leaks in the modify_update_last_modified_attr()\n function. The size of the leaks averaged between 60-80\n bytes per modify call. In environments where modify\n operations were frequent, this caused significant\n problems. Now, memory leaks no longer occur in the\n modify_update_last_modified_attr() function.\n\n - The Directory Server (DS) failed when multi-valued\n attributes were replaced. The problem occurred when\n replication was enabled, while the server executing the\n modification was configured as a single master and there\n was at least one replication agreement. Consequently,\n the modification requests were refused by the master\n server, which returned a code 20 'Type or value exists'\n error message. These requests were replacements of\n multi-valued attributes, and the error only occurred\n when one of the new values matched one of the current\n values of the attribute, but had a different letter\n case. Now, modification requests function properly and\n no longer return code 20 errors.\n\n - The DNA (distributed numeric assignment) plug-in, under\n certain conditions, could log error messages with the\n 'DB_LOCK_DEADLOCK' error code when attempting to create\n an entry with a uidNumber attribute. Now, DNA handles\n this case properly and errors no longer occur during\n attempts to create entries with uidNumber attributes.\n\n - Posix Winsync plugin was calling an internal modify\n function which was not necessary. The internal modify\n call failed and logged an error message\n 'slapi_modify_internal_set_pb: NULL parameter' which was\n not clear. This patch stops calling the internal modify\n function if it is not necessary and the cryptic error\n message is not observed.\n\n - Previously, under certain conditions, the dse.ldif file\n had 0 bytes after a server termination or when the\n machine was powered off. Consequently, after the system\n was brought up, a DS or IdM system could be unable to\n restart, leading to production server outages. Now, the\n server mechanism by which the dse.ldif is written is\n more robust, and tries all available backup dse.ldif\n files, and outages no longer occur.\n\n - Due to an incorrect interpretation of an error code, a\n directory server considered an invalid chaining\n configuration setting as the disk full error and shut\n down unexpectedly. Now, a more appropriate error code is\n in use and the server no longer shuts down from invalid\n chaining configuration settings.\n\n - While trying to remove a tombstone entry, the ns-slapd\n daemon terminated unexpectedly with a segmentation\n fault. With this update, removal of tombstone entries no\n longer causes crashes.\n\nAfter installing this update, the 389 server service will be restarted\nautomatically.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1303&L=scientific-linux-errata&T=0&P=4127\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?582cf8ac\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:389-ds-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:389-ds-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:389-ds-base-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:389-ds-base-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"389-ds-base-1.2.11.15-12.el6_4\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"389-ds-base-debuginfo-1.2.11.15-12.el6_4\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"389-ds-base-devel-1.2.11.15-12.el6_4\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"389-ds-base-libs-1.2.11.15-12.el6_4\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"389-ds-base / 389-ds-base-debuginfo / 389-ds-base-devel / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-06T09:28:35", "description": "Updated 389-ds-base packages that fix one security issue and multiple\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nThe 389 Directory Server is an LDAPv3 compliant server. The base\npackages include the Lightweight Directory Access Protocol (LDAP)\nserver and command-line utilities for server administration.\n\nA flaw was found in the way LDAPv3 control data was handled by 389\nDirectory Server. If a malicious user were able to bind to the\ndirectory (even anonymously) and send an LDAP request containing\ncrafted LDAPv3 control data, they could cause the server to crash,\ndenying service to the directory. (CVE-2013-0312)\n\nThe CVE-2013-0312 issue was discovered by Thierry Bordaz of Red Hat.\n\nThis update also fixes the following bugs :\n\n* After an upgrade from Red Hat Enterprise Linux 6.3 to version 6.4,\nthe upgrade script did not update the schema file for the PamConfig\nobject class. Consequently, new features for PAM such as configuration\nof multiple instances and pamFilter attribute could not be used\nbecause of the schema violation. With this update, the upgrade script\nupdates the schema file for the PamConfig object class and new\nfeatures function properly. (BZ#910994)\n\n* Previously, the valgrind test suite reported recurring memory leaks\nin the modify_update_last_modified_attr() function. The size of the\nleaks averaged between 60-80 bytes per modify call. In environments\nwhere modify operations were frequent, this caused significant\nproblems. Now, memory leaks no longer occur in the\nmodify_update_last_modified_attr() function. (BZ#910995)\n\n* The Directory Server (DS) failed when multi-valued attributes were\nreplaced. The problem occurred when replication was enabled, while the\nserver executing the modification was configured as a single master\nand there was at least one replication agreement. Consequently, the\nmodification requests were refused by the master server, which\nreturned a code 20 'Type or value exists' error message. These\nrequests were replacements of multi-valued attributes, and the error\nonly occurred when one of the new values matched one of the current\nvalues of the attribute, but had a different letter case. Now,\nmodification requests function properly and no longer return code 20\nerrors. (BZ#910996)\n\n* The DNA (distributed numeric assignment) plug-in, under certain\nconditions, could log error messages with the 'DB_LOCK_DEADLOCK' error\ncode when attempting to create an entry with a uidNumber attribute.\nNow, DNA handles this case properly and errors no longer occur during\nattempts to create entries with uidNumber attributes. (BZ#911467)\n\n* Posix Winsync plugin was calling an internal modify function which\nwas not necessary. The internal modify call failed and logged an error\nmessage 'slapi_modify_internal_set_pb: NULL parameter' which was not\nclear. This patch stops calling the internal modify function if it is\nnot necessary and the cryptic error message is not observed.\n(BZ#911468)\n\n* Previously, under certain conditions, the dse.ldif file had 0 bytes\nafter a server termination or when the machine was powered off.\nConsequently, after the system was brought up, a DS or IdM system\ncould be unable to restart, leading to production server outages. Now,\nthe server mechanism by which the dse.ldif is written is more robust,\nand tries all available backup dse.ldif files, and outages no longer\noccur. (BZ#911469)\n\n* Due to an incorrect interpretation of an error code, a directory\nserver considered an invalid chaining configuration setting as the\ndisk full error and shut down unexpectedly. Now, a more appropriate\nerror code is in use and the server no longer shuts down from invalid\nchaining configuration settings. (BZ#911474)\n\n* While trying to remove a tombstone entry, the ns-slapd daemon\nterminated unexpectedly with a segmentation fault. With this update,\nremoval of tombstone entries no longer causes crashes. (BZ#914305)\n\nAll 389-ds-base users are advised to upgrade to these updated\npackages, which contain backported patches to correct these issues.\nAfter installing this update, the 389 server service will be restarted\nautomatically.", "edition": 25, "published": "2013-03-13T00:00:00", "title": "CentOS 6 : 389-ds-base (CESA-2013:0628)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0312"], "modified": "2013-03-13T00:00:00", "cpe": ["cpe:/o:centos:centos:6", "p-cpe:/a:centos:centos:389-ds-base", "p-cpe:/a:centos:centos:389-ds-base-libs", "p-cpe:/a:centos:centos:389-ds-base-devel"], "id": "CENTOS_RHSA-2013-0628.NASL", "href": "https://www.tenable.com/plugins/nessus/65227", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0628 and \n# CentOS Errata and Security Advisory 2013:0628 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65227);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2013-0312\");\n script_bugtraq_id(58428);\n script_xref(name:\"RHSA\", value:\"2013:0628\");\n\n script_name(english:\"CentOS 6 : 389-ds-base (CESA-2013:0628)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated 389-ds-base packages that fix one security issue and multiple\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nThe 389 Directory Server is an LDAPv3 compliant server. The base\npackages include the Lightweight Directory Access Protocol (LDAP)\nserver and command-line utilities for server administration.\n\nA flaw was found in the way LDAPv3 control data was handled by 389\nDirectory Server. If a malicious user were able to bind to the\ndirectory (even anonymously) and send an LDAP request containing\ncrafted LDAPv3 control data, they could cause the server to crash,\ndenying service to the directory. (CVE-2013-0312)\n\nThe CVE-2013-0312 issue was discovered by Thierry Bordaz of Red Hat.\n\nThis update also fixes the following bugs :\n\n* After an upgrade from Red Hat Enterprise Linux 6.3 to version 6.4,\nthe upgrade script did not update the schema file for the PamConfig\nobject class. Consequently, new features for PAM such as configuration\nof multiple instances and pamFilter attribute could not be used\nbecause of the schema violation. With this update, the upgrade script\nupdates the schema file for the PamConfig object class and new\nfeatures function properly. (BZ#910994)\n\n* Previously, the valgrind test suite reported recurring memory leaks\nin the modify_update_last_modified_attr() function. The size of the\nleaks averaged between 60-80 bytes per modify call. In environments\nwhere modify operations were frequent, this caused significant\nproblems. Now, memory leaks no longer occur in the\nmodify_update_last_modified_attr() function. (BZ#910995)\n\n* The Directory Server (DS) failed when multi-valued attributes were\nreplaced. The problem occurred when replication was enabled, while the\nserver executing the modification was configured as a single master\nand there was at least one replication agreement. Consequently, the\nmodification requests were refused by the master server, which\nreturned a code 20 'Type or value exists' error message. These\nrequests were replacements of multi-valued attributes, and the error\nonly occurred when one of the new values matched one of the current\nvalues of the attribute, but had a different letter case. Now,\nmodification requests function properly and no longer return code 20\nerrors. (BZ#910996)\n\n* The DNA (distributed numeric assignment) plug-in, under certain\nconditions, could log error messages with the 'DB_LOCK_DEADLOCK' error\ncode when attempting to create an entry with a uidNumber attribute.\nNow, DNA handles this case properly and errors no longer occur during\nattempts to create entries with uidNumber attributes. (BZ#911467)\n\n* Posix Winsync plugin was calling an internal modify function which\nwas not necessary. The internal modify call failed and logged an error\nmessage 'slapi_modify_internal_set_pb: NULL parameter' which was not\nclear. This patch stops calling the internal modify function if it is\nnot necessary and the cryptic error message is not observed.\n(BZ#911468)\n\n* Previously, under certain conditions, the dse.ldif file had 0 bytes\nafter a server termination or when the machine was powered off.\nConsequently, after the system was brought up, a DS or IdM system\ncould be unable to restart, leading to production server outages. Now,\nthe server mechanism by which the dse.ldif is written is more robust,\nand tries all available backup dse.ldif files, and outages no longer\noccur. (BZ#911469)\n\n* Due to an incorrect interpretation of an error code, a directory\nserver considered an invalid chaining configuration setting as the\ndisk full error and shut down unexpectedly. Now, a more appropriate\nerror code is in use and the server no longer shuts down from invalid\nchaining configuration settings. (BZ#911474)\n\n* While trying to remove a tombstone entry, the ns-slapd daemon\nterminated unexpectedly with a segmentation fault. With this update,\nremoval of tombstone entries no longer causes crashes. (BZ#914305)\n\nAll 389-ds-base users are advised to upgrade to these updated\npackages, which contain backported patches to correct these issues.\nAfter installing this update, the 389 server service will be restarted\nautomatically.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2013-March/019641.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?aa777cf6\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 389-ds-base packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2013-0312\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:389-ds-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:389-ds-base-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:389-ds-base-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/03/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"389-ds-base-1.2.11.15-12.el6_4\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"389-ds-base-devel-1.2.11.15-12.el6_4\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"389-ds-base-libs-1.2.11.15-12.el6_4\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"389-ds-base / 389-ds-base-devel / 389-ds-base-libs\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-06T09:28:36", "description": "Updated 389-ds-base packages that fix one security issue and several\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe 389 Directory Server is an LDAPv3 compliant server. The base\npackages include the Lightweight Directory Access Protocol (LDAP)\nserver and command-line utilities for server administration.\n\nIt was found that the 389 Directory Server did not properly restrict\naccess to entries when the 'nsslapd-allow-anonymous-access'\nconfiguration setting was set to 'rootdse'. An anonymous user could\nconnect to the LDAP database and, if the search scope is set to BASE,\nobtain access to information outside of the rootDSE. (CVE-2013-1897)\n\nThis issue was discovered by Martin Kosek of Red Hat.\n\nThis update also fixes the following bugs :\n\n* Previously, the schema-reload plug-in was not thread-safe.\nConsequently, executing the schema-reload.pl script under heavy load\ncould have caused the ns-slapd process to terminate unexpectedly with\na segmentation fault. Currently, the schema-reload plug-in is\nre-designed so that it is thread-safe, and the schema-reload.pl script\ncan be executed along with other LDAP operations. (BZ#929107)\n\n* An out of scope problem for a local variable, in some cases, caused\nthe modrdn operation to terminate unexpectedly with a segmentation\nfault. This update declares the local variable at the proper place of\nthe function so it does not go out of scope, and the modrdn operation\nno longer crashes. (BZ#929111)\n\n* A task manually constructed an exact value to be removed from the\nconfiguration if the 'replica-force-cleaning' option was used.\nConsequently, the task configuration was not cleaned up, and every\ntime the server was restarted, the task behaved in the described\nmanner. This update searches the configuration for the exact value to\ndelete, instead of manually building the value, and the task does not\nrestart when the server is restarted. (BZ#929114)\n\n* Previously, a NULL pointer dereference could have occurred when\nattempting to get effective rights on an entry that did not exist,\nleading to an unexpected termination due to a segmentation fault. This\nupdate checks for NULL entry pointers and returns the appropriate\nerror. Now, attempts to get effective rights on an entry that does not\nexist no longer causes crashes, and the server returns the appropriate\nerror message. (BZ#929115)\n\n* A problem in the lock timing in the DNA plug-in caused a deadlock if\nthe DNA operation was executed with other plug-ins. This update moves\nthe release timing of the problematic lock, and the DNA plug-in does\nnot cause the deadlock. (BZ#929196)\n\nAll 389-ds-base users are advised to upgrade to these updated\npackages, which contain backported patches to correct these issues.\nAfter installing this update, the 389 server service will be restarted\nautomatically.", "edition": 24, "published": "2013-04-17T00:00:00", "title": "CentOS 6 : 389-ds-base (CESA-2013:0742)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-1897"], "modified": "2013-04-17T00:00:00", "cpe": ["cpe:/o:centos:centos:6", "p-cpe:/a:centos:centos:389-ds-base", "p-cpe:/a:centos:centos:389-ds-base-libs", "p-cpe:/a:centos:centos:389-ds-base-devel"], "id": "CENTOS_RHSA-2013-0742.NASL", "href": "https://www.tenable.com/plugins/nessus/65987", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0742 and \n# CentOS Errata and Security Advisory 2013:0742 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65987);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2013-1897\");\n script_bugtraq_id(59026);\n script_xref(name:\"RHSA\", value:\"2013:0742\");\n\n script_name(english:\"CentOS 6 : 389-ds-base (CESA-2013:0742)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated 389-ds-base packages that fix one security issue and several\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe 389 Directory Server is an LDAPv3 compliant server. The base\npackages include the Lightweight Directory Access Protocol (LDAP)\nserver and command-line utilities for server administration.\n\nIt was found that the 389 Directory Server did not properly restrict\naccess to entries when the 'nsslapd-allow-anonymous-access'\nconfiguration setting was set to 'rootdse'. An anonymous user could\nconnect to the LDAP database and, if the search scope is set to BASE,\nobtain access to information outside of the rootDSE. (CVE-2013-1897)\n\nThis issue was discovered by Martin Kosek of Red Hat.\n\nThis update also fixes the following bugs :\n\n* Previously, the schema-reload plug-in was not thread-safe.\nConsequently, executing the schema-reload.pl script under heavy load\ncould have caused the ns-slapd process to terminate unexpectedly with\na segmentation fault. Currently, the schema-reload plug-in is\nre-designed so that it is thread-safe, and the schema-reload.pl script\ncan be executed along with other LDAP operations. (BZ#929107)\n\n* An out of scope problem for a local variable, in some cases, caused\nthe modrdn operation to terminate unexpectedly with a segmentation\nfault. This update declares the local variable at the proper place of\nthe function so it does not go out of scope, and the modrdn operation\nno longer crashes. (BZ#929111)\n\n* A task manually constructed an exact value to be removed from the\nconfiguration if the 'replica-force-cleaning' option was used.\nConsequently, the task configuration was not cleaned up, and every\ntime the server was restarted, the task behaved in the described\nmanner. This update searches the configuration for the exact value to\ndelete, instead of manually building the value, and the task does not\nrestart when the server is restarted. (BZ#929114)\n\n* Previously, a NULL pointer dereference could have occurred when\nattempting to get effective rights on an entry that did not exist,\nleading to an unexpected termination due to a segmentation fault. This\nupdate checks for NULL entry pointers and returns the appropriate\nerror. Now, attempts to get effective rights on an entry that does not\nexist no longer causes crashes, and the server returns the appropriate\nerror message. (BZ#929115)\n\n* A problem in the lock timing in the DNA plug-in caused a deadlock if\nthe DNA operation was executed with other plug-ins. This update moves\nthe release timing of the problematic lock, and the DNA plug-in does\nnot cause the deadlock. (BZ#929196)\n\nAll 389-ds-base users are advised to upgrade to these updated\npackages, which contain backported patches to correct these issues.\nAfter installing this update, the 389 server service will be restarted\nautomatically.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2013-April/019689.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9e7f1bf7\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 389-ds-base packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2013-1897\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:389-ds-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:389-ds-base-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:389-ds-base-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/05/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"389-ds-base-1.2.11.15-14.el6_4\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"389-ds-base-devel-1.2.11.15-14.el6_4\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"389-ds-base-libs-1.2.11.15-14.el6_4\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"389-ds-base / 389-ds-base-devel / 389-ds-base-libs\");\n}\n", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-12T10:11:49", "description": "This release fixes 7 critical bugs including one security bug.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 14, "published": "2013-04-03T00:00:00", "title": "Fedora 18 : 389-ds-base-1.3.0.5-1.fc18 (2013-4578)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-1897"], "modified": "2013-04-03T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:18", "p-cpe:/a:fedoraproject:fedora:389-ds-base"], "id": "FEDORA_2013-4578.NASL", "href": "https://www.tenable.com/plugins/nessus/65778", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-4578.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65778);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-1897\");\n script_xref(name:\"FEDORA\", value:\"2013-4578\");\n\n script_name(english:\"Fedora 18 : 389-ds-base-1.3.0.5-1.fc18 (2013-4578)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This release fixes 7 critical bugs including one security bug.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=928105\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-April/101323.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d8c5bbe9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 389-ds-base package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:389-ds-base\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:18\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^18([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 18.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC18\", reference:\"389-ds-base-1.3.0.5-1.fc18\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"389-ds-base\");\n}\n", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-12T10:11:50", "description": "Here is where you give an explanation of your update. This release\nfixes 7 critical bugs including one security bug.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 13, "published": "2013-07-12T00:00:00", "title": "Fedora 17 : 389-ds-base-1.2.11.21-1.fc17 (2013-5349)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-1897"], "modified": "2013-07-12T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:17", "p-cpe:/a:fedoraproject:fedora:389-ds-base"], "id": "FEDORA_2013-5349.NASL", "href": "https://www.tenable.com/plugins/nessus/67344", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-5349.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67344);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-1897\");\n script_bugtraq_id(59026);\n script_xref(name:\"FEDORA\", value:\"2013-5349\");\n\n script_name(english:\"Fedora 17 : 389-ds-base-1.2.11.21-1.fc17 (2013-5349)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Here is where you give an explanation of your update. This release\nfixes 7 critical bugs including one security bug.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=928105\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-June/108783.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?740a0b88\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 389-ds-base package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:389-ds-base\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:17\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^17([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 17.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC17\", reference:\"389-ds-base-1.2.11.21-1.fc17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"389-ds-base\");\n}\n", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-17T13:12:18", "description": "Updated 389-ds-base packages that fix one security issue and several\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe 389 Directory Server is an LDAPv3 compliant server. The base\npackages include the Lightweight Directory Access Protocol (LDAP)\nserver and command-line utilities for server administration.\n\nIt was found that the 389 Directory Server did not properly restrict\naccess to entries when the 'nsslapd-allow-anonymous-access'\nconfiguration setting was set to 'rootdse'. An anonymous user could\nconnect to the LDAP database and, if the search scope is set to BASE,\nobtain access to information outside of the rootDSE. (CVE-2013-1897)\n\nThis issue was discovered by Martin Kosek of Red Hat.\n\nThis update also fixes the following bugs :\n\n* Previously, the schema-reload plug-in was not thread-safe.\nConsequently, executing the schema-reload.pl script under heavy load\ncould have caused the ns-slapd process to terminate unexpectedly with\na segmentation fault. Currently, the schema-reload plug-in is\nre-designed so that it is thread-safe, and the schema-reload.pl script\ncan be executed along with other LDAP operations. (BZ#929107)\n\n* An out of scope problem for a local variable, in some cases, caused\nthe modrdn operation to terminate unexpectedly with a segmentation\nfault. This update declares the local variable at the proper place of\nthe function so it does not go out of scope, and the modrdn operation\nno longer crashes. (BZ#929111)\n\n* A task manually constructed an exact value to be removed from the\nconfiguration if the 'replica-force-cleaning' option was used.\nConsequently, the task configuration was not cleaned up, and every\ntime the server was restarted, the task behaved in the described\nmanner. This update searches the configuration for the exact value to\ndelete, instead of manually building the value, and the task does not\nrestart when the server is restarted. (BZ#929114)\n\n* Previously, a NULL pointer dereference could have occurred when\nattempting to get effective rights on an entry that did not exist,\nleading to an unexpected termination due to a segmentation fault. This\nupdate checks for NULL entry pointers and returns the appropriate\nerror. Now, attempts to get effective rights on an entry that does not\nexist no longer causes crashes, and the server returns the appropriate\nerror message. (BZ#929115)\n\n* A problem in the lock timing in the DNA plug-in caused a deadlock if\nthe DNA operation was executed with other plug-ins. This update moves\nthe release timing of the problematic lock, and the DNA plug-in does\nnot cause the deadlock. (BZ#929196)\n\nAll 389-ds-base users are advised to upgrade to these updated\npackages, which contain backported patches to correct these issues.\nAfter installing this update, the 389 server service will be restarted\nautomatically.", "edition": 24, "published": "2013-04-16T00:00:00", "title": "RHEL 6 : 389-ds-base (RHSA-2013:0742)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-1897"], "modified": "2013-04-16T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:6.4", "p-cpe:/a:redhat:enterprise_linux:389-ds-base-debuginfo", "p-cpe:/a:redhat:enterprise_linux:389-ds-base-libs", "p-cpe:/a:redhat:enterprise_linux:389-ds-base", "cpe:/o:redhat:enterprise_linux:6", "p-cpe:/a:redhat:enterprise_linux:389-ds-base-devel"], "id": "REDHAT-RHSA-2013-0742.NASL", "href": "https://www.tenable.com/plugins/nessus/65976", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0742. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65976);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2013-1897\");\n script_bugtraq_id(59026);\n script_xref(name:\"RHSA\", value:\"2013:0742\");\n\n script_name(english:\"RHEL 6 : 389-ds-base (RHSA-2013:0742)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated 389-ds-base packages that fix one security issue and several\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe 389 Directory Server is an LDAPv3 compliant server. The base\npackages include the Lightweight Directory Access Protocol (LDAP)\nserver and command-line utilities for server administration.\n\nIt was found that the 389 Directory Server did not properly restrict\naccess to entries when the 'nsslapd-allow-anonymous-access'\nconfiguration setting was set to 'rootdse'. An anonymous user could\nconnect to the LDAP database and, if the search scope is set to BASE,\nobtain access to information outside of the rootDSE. (CVE-2013-1897)\n\nThis issue was discovered by Martin Kosek of Red Hat.\n\nThis update also fixes the following bugs :\n\n* Previously, the schema-reload plug-in was not thread-safe.\nConsequently, executing the schema-reload.pl script under heavy load\ncould have caused the ns-slapd process to terminate unexpectedly with\na segmentation fault. Currently, the schema-reload plug-in is\nre-designed so that it is thread-safe, and the schema-reload.pl script\ncan be executed along with other LDAP operations. (BZ#929107)\n\n* An out of scope problem for a local variable, in some cases, caused\nthe modrdn operation to terminate unexpectedly with a segmentation\nfault. This update declares the local variable at the proper place of\nthe function so it does not go out of scope, and the modrdn operation\nno longer crashes. (BZ#929111)\n\n* A task manually constructed an exact value to be removed from the\nconfiguration if the 'replica-force-cleaning' option was used.\nConsequently, the task configuration was not cleaned up, and every\ntime the server was restarted, the task behaved in the described\nmanner. This update searches the configuration for the exact value to\ndelete, instead of manually building the value, and the task does not\nrestart when the server is restarted. (BZ#929114)\n\n* Previously, a NULL pointer dereference could have occurred when\nattempting to get effective rights on an entry that did not exist,\nleading to an unexpected termination due to a segmentation fault. This\nupdate checks for NULL entry pointers and returns the appropriate\nerror. Now, attempts to get effective rights on an entry that does not\nexist no longer causes crashes, and the server returns the appropriate\nerror message. (BZ#929115)\n\n* A problem in the lock timing in the DNA plug-in caused a deadlock if\nthe DNA operation was executed with other plug-ins. This update moves\nthe release timing of the problematic lock, and the DNA plug-in does\nnot cause the deadlock. (BZ#929196)\n\nAll 389-ds-base users are advised to upgrade to these updated\npackages, which contain backported patches to correct these issues.\nAfter installing this update, the 389 server service will be restarted\nautomatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2013:0742\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-1897\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:389-ds-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:389-ds-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:389-ds-base-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:389-ds-base-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/05/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2013:0742\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"389-ds-base-1.2.11.15-14.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"389-ds-base-1.2.11.15-14.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"389-ds-base-debuginfo-1.2.11.15-14.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"389-ds-base-debuginfo-1.2.11.15-14.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"389-ds-base-devel-1.2.11.15-14.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"389-ds-base-devel-1.2.11.15-14.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"389-ds-base-libs-1.2.11.15-14.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"389-ds-base-libs-1.2.11.15-14.el6_4\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"389-ds-base / 389-ds-base-debuginfo / 389-ds-base-devel / etc\");\n }\n}\n", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-17T13:47:29", "description": "It was found that the 389 Directory Server did not properly restrict\naccess to entries when the 'nsslapd-allow-anonymous-access'\nconfiguration setting was set to 'rootdse'. An anonymous user could\nconnect to the LDAP database and, if the search scope is set to BASE,\nobtain access to information outside of the rootDSE. (CVE-2013-1897)\n\nThis update also fixes the following bugs :\n\n - Previously, the schema-reload plug-in was not\n thread-safe. Consequently, executing the\n schema-reload.pl script under heavy load could have\n caused the ns-slapd process to terminate unexpectedly\n with a segmentation fault. Currently, the schema-reload\n plug-in is re-designed so that it is thread- safe, and\n the schema-reload.pl script can be executed along with\n other LDAP operations.\n\n - An out of scope problem for a local variable, in some\n cases, caused the modrdn operation to terminate\n unexpectedly with a segmentation fault. This update\n declares the local variable at the proper place of the\n function so it does not go out of scope, and the modrdn\n operation no longer crashes.\n\n - A task manually constructed an exact value to be removed\n from the configuration if the 'replica-force-cleaning'\n option was used. Consequently, the task configuration\n was not cleaned up, and every time the server was\n restarted, the task behaved in the described manner.\n This update searches the configuration for the exact\n value to delete, instead of manually building the value,\n and the task does not restart when the server is\n restarted.\n\n - Previously, a NULL pointer dereference could have\n occurred when attempting to get effective rights on an\n entry that did not exist, leading to an unexpected\n termination due to a segmentation fault. This update\n checks for NULL entry pointers and returns the\n appropriate error. Now, attempts to get effective rights\n on an entry that does not exist no longer causes\n crashes, and the server returns the appropriate error\n message.\n\n - A problem in the lock timing in the DNA plug-in caused a\n deadlock if the DNA operation was executed with other\n plug-ins. This update moves the release timing of the\n problematic lock, and the DNA plug-in does not cause the\n deadlock.\n\nAfter installing this update, the 389 server service will be restarted\nautomatically.", "edition": 16, "published": "2013-04-16T00:00:00", "title": "Scientific Linux Security Update : 389-ds-base on SL6.x i386/x86_64 (20130415)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-1897"], "modified": "2013-04-16T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:389-ds-base-devel", "p-cpe:/a:fermilab:scientific_linux:389-ds-base-debuginfo", "p-cpe:/a:fermilab:scientific_linux:389-ds-base-libs", "x-cpe:/o:fermilab:scientific_linux", "p-cpe:/a:fermilab:scientific_linux:389-ds-base"], "id": "SL_20130415_389_DS_BASE_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/65977", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65977);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2013-1897\");\n\n script_name(english:\"Scientific Linux Security Update : 389-ds-base on SL6.x i386/x86_64 (20130415)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was found that the 389 Directory Server did not properly restrict\naccess to entries when the 'nsslapd-allow-anonymous-access'\nconfiguration setting was set to 'rootdse'. An anonymous user could\nconnect to the LDAP database and, if the search scope is set to BASE,\nobtain access to information outside of the rootDSE. (CVE-2013-1897)\n\nThis update also fixes the following bugs :\n\n - Previously, the schema-reload plug-in was not\n thread-safe. Consequently, executing the\n schema-reload.pl script under heavy load could have\n caused the ns-slapd process to terminate unexpectedly\n with a segmentation fault. Currently, the schema-reload\n plug-in is re-designed so that it is thread- safe, and\n the schema-reload.pl script can be executed along with\n other LDAP operations.\n\n - An out of scope problem for a local variable, in some\n cases, caused the modrdn operation to terminate\n unexpectedly with a segmentation fault. This update\n declares the local variable at the proper place of the\n function so it does not go out of scope, and the modrdn\n operation no longer crashes.\n\n - A task manually constructed an exact value to be removed\n from the configuration if the 'replica-force-cleaning'\n option was used. Consequently, the task configuration\n was not cleaned up, and every time the server was\n restarted, the task behaved in the described manner.\n This update searches the configuration for the exact\n value to delete, instead of manually building the value,\n and the task does not restart when the server is\n restarted.\n\n - Previously, a NULL pointer dereference could have\n occurred when attempting to get effective rights on an\n entry that did not exist, leading to an unexpected\n termination due to a segmentation fault. This update\n checks for NULL entry pointers and returns the\n appropriate error. Now, attempts to get effective rights\n on an entry that does not exist no longer causes\n crashes, and the server returns the appropriate error\n message.\n\n - A problem in the lock timing in the DNA plug-in caused a\n deadlock if the DNA operation was executed with other\n plug-ins. This update moves the release timing of the\n problematic lock, and the DNA plug-in does not cause the\n deadlock.\n\nAfter installing this update, the 389 server service will be restarted\nautomatically.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1304&L=scientific-linux-errata&T=0&P=954\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a9a5290f\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:389-ds-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:389-ds-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:389-ds-base-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:389-ds-base-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/05/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"389-ds-base-1.2.11.15-14.el6_4\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"389-ds-base-debuginfo-1.2.11.15-14.el6_4\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"389-ds-base-devel-1.2.11.15-14.el6_4\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"389-ds-base-libs-1.2.11.15-14.el6_4\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"389-ds-base / 389-ds-base-debuginfo / 389-ds-base-devel / etc\");\n}\n", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-17T12:47:51", "description": "From Red Hat Security Advisory 2013:0742 :\n\nUpdated 389-ds-base packages that fix one security issue and several\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe 389 Directory Server is an LDAPv3 compliant server. The base\npackages include the Lightweight Directory Access Protocol (LDAP)\nserver and command-line utilities for server administration.\n\nIt was found that the 389 Directory Server did not properly restrict\naccess to entries when the 'nsslapd-allow-anonymous-access'\nconfiguration setting was set to 'rootdse'. An anonymous user could\nconnect to the LDAP database and, if the search scope is set to BASE,\nobtain access to information outside of the rootDSE. (CVE-2013-1897)\n\nThis issue was discovered by Martin Kosek of Red Hat.\n\nThis update also fixes the following bugs :\n\n* Previously, the schema-reload plug-in was not thread-safe.\nConsequently, executing the schema-reload.pl script under heavy load\ncould have caused the ns-slapd process to terminate unexpectedly with\na segmentation fault. Currently, the schema-reload plug-in is\nre-designed so that it is thread-safe, and the schema-reload.pl script\ncan be executed along with other LDAP operations. (BZ#929107)\n\n* An out of scope problem for a local variable, in some cases, caused\nthe modrdn operation to terminate unexpectedly with a segmentation\nfault. This update declares the local variable at the proper place of\nthe function so it does not go out of scope, and the modrdn operation\nno longer crashes. (BZ#929111)\n\n* A task manually constructed an exact value to be removed from the\nconfiguration if the 'replica-force-cleaning' option was used.\nConsequently, the task configuration was not cleaned up, and every\ntime the server was restarted, the task behaved in the described\nmanner. This update searches the configuration for the exact value to\ndelete, instead of manually building the value, and the task does not\nrestart when the server is restarted. (BZ#929114)\n\n* Previously, a NULL pointer dereference could have occurred when\nattempting to get effective rights on an entry that did not exist,\nleading to an unexpected termination due to a segmentation fault. This\nupdate checks for NULL entry pointers and returns the appropriate\nerror. Now, attempts to get effective rights on an entry that does not\nexist no longer causes crashes, and the server returns the appropriate\nerror message. (BZ#929115)\n\n* A problem in the lock timing in the DNA plug-in caused a deadlock if\nthe DNA operation was executed with other plug-ins. This update moves\nthe release timing of the problematic lock, and the DNA plug-in does\nnot cause the deadlock. (BZ#929196)\n\nAll 389-ds-base users are advised to upgrade to these updated\npackages, which contain backported patches to correct these issues.\nAfter installing this update, the 389 server service will be restarted\nautomatically.", "edition": 21, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 6 : 389-ds-base (ELSA-2013-0742)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-1897"], "modified": "2013-07-12T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:389-ds-base-devel", "p-cpe:/a:oracle:linux:389-ds-base-libs", "p-cpe:/a:oracle:linux:389-ds-base"], "id": "ORACLELINUX_ELSA-2013-0742.NASL", "href": "https://www.tenable.com/plugins/nessus/68806", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2013:0742 and \n# Oracle Linux Security Advisory ELSA-2013-0742 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68806);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2013-1897\");\n script_bugtraq_id(59026);\n script_xref(name:\"RHSA\", value:\"2013:0742\");\n\n script_name(english:\"Oracle Linux 6 : 389-ds-base (ELSA-2013-0742)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2013:0742 :\n\nUpdated 389-ds-base packages that fix one security issue and several\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe 389 Directory Server is an LDAPv3 compliant server. The base\npackages include the Lightweight Directory Access Protocol (LDAP)\nserver and command-line utilities for server administration.\n\nIt was found that the 389 Directory Server did not properly restrict\naccess to entries when the 'nsslapd-allow-anonymous-access'\nconfiguration setting was set to 'rootdse'. An anonymous user could\nconnect to the LDAP database and, if the search scope is set to BASE,\nobtain access to information outside of the rootDSE. (CVE-2013-1897)\n\nThis issue was discovered by Martin Kosek of Red Hat.\n\nThis update also fixes the following bugs :\n\n* Previously, the schema-reload plug-in was not thread-safe.\nConsequently, executing the schema-reload.pl script under heavy load\ncould have caused the ns-slapd process to terminate unexpectedly with\na segmentation fault. Currently, the schema-reload plug-in is\nre-designed so that it is thread-safe, and the schema-reload.pl script\ncan be executed along with other LDAP operations. (BZ#929107)\n\n* An out of scope problem for a local variable, in some cases, caused\nthe modrdn operation to terminate unexpectedly with a segmentation\nfault. This update declares the local variable at the proper place of\nthe function so it does not go out of scope, and the modrdn operation\nno longer crashes. (BZ#929111)\n\n* A task manually constructed an exact value to be removed from the\nconfiguration if the 'replica-force-cleaning' option was used.\nConsequently, the task configuration was not cleaned up, and every\ntime the server was restarted, the task behaved in the described\nmanner. This update searches the configuration for the exact value to\ndelete, instead of manually building the value, and the task does not\nrestart when the server is restarted. (BZ#929114)\n\n* Previously, a NULL pointer dereference could have occurred when\nattempting to get effective rights on an entry that did not exist,\nleading to an unexpected termination due to a segmentation fault. This\nupdate checks for NULL entry pointers and returns the appropriate\nerror. Now, attempts to get effective rights on an entry that does not\nexist no longer causes crashes, and the server returns the appropriate\nerror message. (BZ#929115)\n\n* A problem in the lock timing in the DNA plug-in caused a deadlock if\nthe DNA operation was executed with other plug-ins. This update moves\nthe release timing of the problematic lock, and the DNA plug-in does\nnot cause the deadlock. (BZ#929196)\n\nAll 389-ds-base users are advised to upgrade to these updated\npackages, which contain backported patches to correct these issues.\nAfter installing this update, the 389 server service will be restarted\nautomatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2013-April/003411.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 389-ds-base packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:389-ds-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:389-ds-base-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:389-ds-base-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/05/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"389-ds-base-1.2.11.15-14.el6_4\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"389-ds-base-devel-1.2.11.15-14.el6_4\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"389-ds-base-libs-1.2.11.15-14.el6_4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"389-ds-base / 389-ds-base-devel / 389-ds-base-libs\");\n}\n", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}], "amazon": [{"lastseen": "2020-11-10T12:35:30", "bulletinFamily": "unix", "cvelist": ["CVE-2013-1897"], "description": "**Issue Overview:**\n\nIt was found that the 389 Directory Server did not properly restrict access to entries when the \"nsslapd-allow-anonymous-access\" configuration setting was set to \"rootdse\". An anonymous user could connect to the LDAP database and, if the search scope is set to BASE, obtain access to information outside of the rootDSE. ([CVE-2013-1897 __](<https://access.redhat.com/security/cve/CVE-2013-1897>))\n\n \n**Affected Packages:** \n\n\n389-ds-base\n\n \n**Issue Correction:** \nRun _yum update 389-ds-base_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n 389-ds-base-1.3.0.6-1.3.amzn1.i686 \n 389-ds-base-devel-1.3.0.6-1.3.amzn1.i686 \n 389-ds-base-debuginfo-1.3.0.6-1.3.amzn1.i686 \n 389-ds-base-libs-1.3.0.6-1.3.amzn1.i686 \n \n src: \n 389-ds-base-1.3.0.6-1.3.amzn1.src \n \n x86_64: \n 389-ds-base-1.3.0.6-1.3.amzn1.x86_64 \n 389-ds-base-libs-1.3.0.6-1.3.amzn1.x86_64 \n 389-ds-base-debuginfo-1.3.0.6-1.3.amzn1.x86_64 \n 389-ds-base-devel-1.3.0.6-1.3.amzn1.x86_64 \n \n \n", "edition": 4, "modified": "2013-04-18T15:39:00", "published": "2013-04-18T15:39:00", "id": "ALAS-2013-184", "href": "https://alas.aws.amazon.com/ALAS-2013-184.html", "title": "Low: 389-ds-base", "type": "amazon", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}]}
