Lucene search
RedHatRHSA-2017:0893HistoryApr 11, 2017 - 10:30 a.m.
(RHSA-2017:0893) Important: 389-ds-base security and bug fix update
2017-04-1110:30:44
access.redhat.com
32
0.006 Low
EPSS
Percentile
78.4%
389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.
Security Fix(es):
- An invalid pointer dereference flaw was found in the way 389-ds-base handled LDAP bind requests. A remote unauthenticated attacker could use this flaw to make ns-slapd crash via a specially crafted LDAP bind request, resulting in denial of service. (CVE-2017-2668)
Red Hat would like to thank Joachim Jabs (F24) for reporting this issue.
Bug Fix(es):
- Previously, the “deref” plug-in failed to dereference attributes that use distinguished name (DN) syntax, such as “uniqueMember”. With this patch, the “deref” plug-in can dereference such attributes and additionally “Name and Optional UID” syntax. As a result, the “deref” plug-in now supports any syntax. (BZ#1435365)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 6 | i686 | 389-ds-base | < 1.2.11.15-91.el6_9 | 389-ds-base-1.2.11.15-91.el6_9.i686.rpm |
| RedHat | 6 | x86_64 | 389-ds-base | < 1.2.11.15-91.el6_9 | 389-ds-base-1.2.11.15-91.el6_9.x86_64.rpm |
| RedHat | 6 | x86_64 | 389-ds-base-debuginfo | < 1.2.11.15-91.el6_9 | 389-ds-base-debuginfo-1.2.11.15-91.el6_9.x86_64.rpm |
| RedHat | 6 | x86_64 | 389-ds-base-devel | < 1.2.11.15-91.el6_9 | 389-ds-base-devel-1.2.11.15-91.el6_9.x86_64.rpm |
| RedHat | 6 | i686 | 389-ds-base-debuginfo | < 1.2.11.15-91.el6_9 | 389-ds-base-debuginfo-1.2.11.15-91.el6_9.i686.rpm |
| RedHat | 6 | i686 | 389-ds-base-devel | < 1.2.11.15-91.el6_9 | 389-ds-base-devel-1.2.11.15-91.el6_9.i686.rpm |
| RedHat | 6 | i686 | 389-ds-base-libs | < 1.2.11.15-91.el6_9 | 389-ds-base-libs-1.2.11.15-91.el6_9.i686.rpm |
| RedHat | 6 | x86_64 | 389-ds-base-libs | < 1.2.11.15-91.el6_9 | 389-ds-base-libs-1.2.11.15-91.el6_9.x86_64.rpm |
Related
nessus
nessus
NewStart CGSL MAIN 4.05 : 389-ds-base Vulnerability (NS-SA-2019-0101)
2019-08-12 00:00:00
RHEL 6 : 389-ds-base (RHSA-2017:0893)
2017-04-13 00:00:00
Oracle Linux 7 : 389-ds-base (ELSA-2017-0920)
2017-04-13 00:00:00
redhat
redhat
(RHSA-2017:0920) Important: 389-ds-base security and bug fix update
2017-04-12 10:03:49
centos
centos
389 security update
2017-04-11 17:04:15
389 security update
2017-04-13 10:59:06
prion
prion
Server side request forgery (ssrf)
2018-06-22 13:29:00
openvas
openvas
Mageia: Security Advisory (MGASA-2017-0123)
2022-01-28 00:00:00
Huawei EulerOS: Security Advisory for 389-ds-base (EulerOS-SA-2017-1087)
2020-01-23 00:00:00
RedHat Update for 389-ds-base RHSA-2017:0920-01
2017-04-13 00:00:00
oraclelinux
oraclelinux
389-ds-base security and bug fix update
2017-04-11 00:00:00
389-ds-base security and bug fix update
2017-04-12 00:00:00
debiancve
debiancve
CVE-2017-2668
2018-06-22 13:29:00
mageia
mageia
Updated 389-ds-base packages fix security vulnerability
2017-05-02 09:37:59
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:16:14
ubuntucve
ubuntucve
CVE-2017-2668
2018-06-22 00:00:00
cvelist
cvelist
CVE-2017-2668
2018-06-22 13:00:00
nvd
nvd
CVE-2017-2668
2018-06-22 13:29:00
cve
cve
CVE-2017-2668
2018-06-22 13:29:00
amazon
amazon
Important: 389-ds-base
2017-04-27 00:02:00
redhatcve
redhatcve
CVE-2017-2668
2019-10-10 04:50:52