Lucene search
RedHatRHSA-2018:3507HistoryNov 06, 2018 - 2:46 p.m.
(RHSA-2018:3507) Moderate: 389-ds-base security and bug fix update
2018-11-0614:46:40
access.redhat.com
581
0.05 Low
EPSS
Percentile
92.9%
389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.
Security Fix(es):
- 389-ds-base: Mishandled search requests in servers/slapd/search.c:do_search() allows for denial of service (CVE-2018-14648)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- Previously, the Pass-through plug-in in Directory Server did not support encrypted connections if the encryption was started using the STARTTLS command. The problem has been fixed, and the Pass-through plug-in now supports connections that use the STARTTLS command. (BZ#1635138)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 7 | ppc64le | 389-ds-base-snmp | < 1.3.7.5-29.el7_5 | 389-ds-base-snmp-1.3.7.5-29.el7_5.ppc64le.rpm |
| RedHat | 7 | ppc64le | 389-ds-base | < 1.3.7.5-29.el7_5 | 389-ds-base-1.3.7.5-29.el7_5.ppc64le.rpm |
| RedHat | 7 | ppc64le | 389-ds-base-devel | < 1.3.7.5-29.el7_5 | 389-ds-base-devel-1.3.7.5-29.el7_5.ppc64le.rpm |
| RedHat | 7 | ppc64 | 389-ds-base-devel | < 1.3.7.5-29.el7_5 | 389-ds-base-devel-1.3.7.5-29.el7_5.ppc64.rpm |
| RedHat | 7 | ppc64 | 389-ds-base-libs | < 1.3.7.5-29.el7_5 | 389-ds-base-libs-1.3.7.5-29.el7_5.ppc64.rpm |
| RedHat | 7 | x86_64 | 389-ds-base-snmp | < 1.3.7.5-29.el7_5 | 389-ds-base-snmp-1.3.7.5-29.el7_5.x86_64.rpm |
| RedHat | 7 | x86_64 | 389-ds-base | < 1.3.7.5-29.el7_5 | 389-ds-base-1.3.7.5-29.el7_5.x86_64.rpm |
| RedHat | 7 | ppc64 | 389-ds-base-debuginfo | < 1.3.7.5-29.el7_5 | 389-ds-base-debuginfo-1.3.7.5-29.el7_5.ppc64.rpm |
| RedHat | 7 | ppc64 | 389-ds-base | < 1.3.7.5-29.el7_5 | 389-ds-base-1.3.7.5-29.el7_5.ppc64.rpm |
| RedHat | 7 | s390x | 389-ds-base-devel | < 1.3.7.5-29.el7_5 | 389-ds-base-devel-1.3.7.5-29.el7_5.s390x.rpm |
Related
nvd
nvd
CVE-2018-14648
2018-09-28 13:29:00
CVE-2019-10171
2019-08-02 14:15:14
openvas
openvas
Debian: Security Advisory (DLA-1554-1)
2018-10-25 00:00:00
Mageia: Security Advisory (MGASA-2018-0461)
2022-01-28 00:00:00
Huawei EulerOS: Security Advisory for 389-ds-base (EulerOS-SA-2018-1440)
2020-01-23 00:00:00
nessus
nessus
EulerOS 2.0 SP2 : 389-ds-base (EulerOS-SA-2018-1439)
2018-12-28 00:00:00
CentOS 7 : 389-ds-base (CESA-2018:3127)
2018-11-16 00:00:00
Amazon Linux AMI : 389-ds-base (ALAS-2018-1106)
2018-12-07 00:00:00
debiancve
debiancve
CVE-2018-14648
2018-09-28 13:29:00
CVE-2019-10171
2019-08-02 14:15:14
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:25:42
Denial Of Service (DoS)
2019-07-22 00:16:24
debian
debian
[SECURITY] [DLA 1554-2] 389-ds-base regression update
2018-10-25 19:20:16
[SECURITY] [DLA 1554-1] 389-ds-base security update
2018-10-25 10:50:47
ubuntucve
ubuntucve
CVE-2018-14648
2018-09-28 00:00:00
CVE-2019-10171
2019-08-02 00:00:00
checkpoint_advisories
checkpoint_advisories
Red Hat 389 Directory Server do_search Denial of Service (CVE-2018-14648)
2019-01-14 00:00:00
centos
centos
389 security update
2018-11-15 18:43:04
amazon
amazon
Medium: 389-ds-base
2018-11-13 17:55:00
Medium: 389-ds-base
2018-12-06 00:18:00
prion
prion
Denial of service
2018-09-28 13:29:00
Code injection
2019-08-02 14:15:00
redhatcve
redhatcve
CVE-2018-14648
2018-09-21 16:20:38
CVE-2019-10171
2019-06-19 15:22:33
cve
cve
CVE-2018-14648
2018-09-28 13:29:00
CVE-2019-10171
2019-08-02 14:15:14
redhat
redhat
(RHSA-2019:1789) Important: 389-ds-base security update
2019-07-16 11:50:21
mageia
mageia
Updated 389-ds-base packages fix security vulnerability
2018-11-20 14:11:24
osv
osv
389-ds-base - security update
2018-10-25 00:00:00
cvelist
cvelist
CVE-2018-14648
2018-09-28 13:00:00
CVE-2019-10171
2019-08-02 13:49:35
oraclelinux
oraclelinux
389-ds-base security, bug fix, and enhancement update
2018-11-05 00:00:00