Lucene search
This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.ALA_ALAS-2018-1094.NASLHistoryOct 25, 2018 - 12:00 a.m.
Amazon Linux AMI : 389-ds-base (ALAS-2018-1094)
2018-10-2500:00:00
This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
12
7.1 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:N/I:N/A:C
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
0.025 Low
EPSS
Percentile
90.1%
A vulnerability was discovered in 389-ds-base. The lock controlling the error log was not correctly used when re-opening the log file in log__error_emergency(). An attacker could send a flood of modifications to a very large DN, which would cause slapd to crash.(CVE-2018-14624)
A race condition was found in the way 389-ds-base handles persistent search, resulting in a crash if the server is under load. An anonymous attacker could use this flaw to trigger a denial of service.(CVE-2018-10850)
A double-free of a password policy structure was found in the way slapd was handling certain errors during persistent search. A unauthenticated attacker could use this flaw to crash Directory Server.(CVE-2018-14638)
A flaw was found in the 389 Directory Server that allows users to cause a crash in the LDAP server using ldapsearch with server side sort.(CVE-2018-10935)
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Amazon Linux AMI Security Advisory ALAS-2018-1094.
#
include("compat.inc");
if (description)
{
script_id(118361);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2022/02/04");
script_cve_id("CVE-2018-10850", "CVE-2018-10935", "CVE-2018-14624", "CVE-2018-14638");
script_xref(name:"ALAS", value:"2018-1094");
script_name(english:"Amazon Linux AMI : 389-ds-base (ALAS-2018-1094)");
script_summary(english:"Checks rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:"The remote Amazon Linux AMI host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"A vulnerability was discovered in 389-ds-base. The lock controlling
the error log was not correctly used when re-opening the log file in
log__error_emergency(). An attacker could send a flood of
modifications to a very large DN, which would cause slapd to
crash.(CVE-2018-14624)
A race condition was found in the way 389-ds-base handles persistent
search, resulting in a crash if the server is under load. An anonymous
attacker could use this flaw to trigger a denial of
service.(CVE-2018-10850)
A double-free of a password policy structure was found in the way
slapd was handling certain errors during persistent search. A
unauthenticated attacker could use this flaw to crash Directory
Server.(CVE-2018-14638)
A flaw was found in the 389 Directory Server that allows users to
cause a crash in the LDAP server using ldapsearch with server side
sort.(CVE-2018-10935)"
);
script_set_attribute(
attribute:"see_also",
value:"https://alas.aws.amazon.com/ALAS-2018-1094.html"
);
script_set_attribute(
attribute:"solution",
value:"Run 'yum update 389-ds-base' to update your system."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-10850");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:389-ds-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:389-ds-base-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:389-ds-base-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:389-ds-base-libs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:389-ds-base-snmp");
script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux");
script_set_attribute(attribute:"vuln_publication_date", value:"2018/06/13");
script_set_attribute(attribute:"patch_publication_date", value:"2018/10/23");
script_set_attribute(attribute:"plugin_publication_date", value:"2018/10/25");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Amazon Linux Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/AmazonLinux/release");
if (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, "Amazon Linux");
os_ver = pregmatch(pattern: "^AL(A|\d)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
os_ver = os_ver[1];
if (os_ver != "A")
{
if (os_ver == 'A') os_ver = 'AMI';
audit(AUDIT_OS_NOT, "Amazon Linux AMI", "Amazon Linux " + os_ver);
}
if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (rpm_check(release:"ALA", reference:"389-ds-base-1.3.7.5-28.58.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"389-ds-base-debuginfo-1.3.7.5-28.58.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"389-ds-base-devel-1.3.7.5-28.58.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"389-ds-base-libs-1.3.7.5-28.58.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"389-ds-base-snmp-1.3.7.5-28.58.amzn1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "389-ds-base / 389-ds-base-debuginfo / 389-ds-base-devel / etc");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| amazon | linux | 389-ds-base | p-cpe:/a:amazon:linux:389-ds-base |
| amazon | linux | 389-ds-base-debuginfo | p-cpe:/a:amazon:linux:389-ds-base-debuginfo |
| amazon | linux | 389-ds-base-devel | p-cpe:/a:amazon:linux:389-ds-base-devel |
| amazon | linux | 389-ds-base-libs | p-cpe:/a:amazon:linux:389-ds-base-libs |
| amazon | linux | 389-ds-base-snmp | p-cpe:/a:amazon:linux:389-ds-base-snmp |
| amazon | linux | cpe:/o:amazon:linux |
Related
oraclelinux
oraclelinux
389-ds-base security and bug fix update
2018-09-25 00:00:00
redhat
redhat
(RHSA-2018:2757) Moderate: 389-ds-base security and bug fix update
2018-09-25 17:29:10
nessus
nessus
EulerOS 2.0 SP3 : 389-ds-base (EulerOS-SA-2018-1365)
2018-11-07 00:00:00
CentOS 7 : 389-ds-base (CESA-2018:2757)
2018-10-01 00:00:00
RHEL 7 : 389-ds-base (RHSA-2018:2757)
2018-09-27 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for 389-ds-base (EulerOS-SA-2018-1365)
2020-01-23 00:00:00
CentOS Update for 389-ds-base CESA-2018:2757 centos7
2018-10-03 00:00:00
Mageia: Security Advisory (MGASA-2018-0404)
2022-01-28 00:00:00
amazon
amazon
Medium: 389-ds-base
2018-10-24 16:34:00
Medium: 389-ds-base
2018-10-23 18:40:00
centos
centos
389 security update
2018-09-28 16:44:30
mageia
mageia
Updated 389-ds-base packages fix security vulnerabilities
2018-10-19 21:00:37
suse
suse
Security update for 389-ds (important)
2019-05-15 00:00:00
nvd
nvd
ubuntucve
ubuntucve
prion
prion
Denial of service
2018-09-14 19:29:00
Design/Logic Flaw
2018-09-11 15:29:00
Race condition
2018-06-13 20:29:00
debiancve
debiancve
cve
cve
veracode
veracode
Denial Of Service
2019-05-16 03:36:30
Denial Of Service (DoS)
2019-01-15 09:25:36
Denial Of Service
2019-05-16 03:36:27
cvelist
cvelist
redhatcve
redhatcve
checkpoint_advisories
checkpoint_advisories
debian
debian
[SECURITY] [DLA 1526-1] 389-ds-base security update
2018-09-29 18:39:37
[SECURITY] [DLA 1483-1] 389-ds-base security update
2018-08-30 19:44:04
[SECURITY] [DLA 1428-1] 389-ds-base security update
2018-07-15 20:09:20
osv
osv
389-ds-base - security update
2018-09-29 00:00:00
389-ds-base - security update
2018-08-30 00:00:00
389-ds-base - security update
2018-07-15 00:00:00
7.1 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:N/I:N/A:C
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
0.025 Low
EPSS
Percentile
90.1%
Related for ALA_ALAS-2018-1094.NASL