MiracleLinux 4 : 389-ds-base-1.2.11.15-94.AXS4 (AXSA:2018-2619:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2018-2619:01 advisory. 389-ds-base: remote Denial of Service DoS via search filters in SetUnicodeStringFromUTF8 in collate.c CVE-2018-1054 389-ds-base: Authentication bypa...

Linux Distros Unpatched Vulnerability : CVE-2018-1054

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds memory read flaw was found in the way 389-ds-base handled certain LDAP search filters, affecting all versions including 1.4.x. A remote,...

Mageia: Security Advisory (MGASA-2018-0162)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for 389-ds-base (EulerOS-SA-2018-1076)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for 389-ds-base (EulerOS-SA-2018-1077)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15 / SLES15 Security Update : 389-ds (SUSE-SU-2019:2155-1)

This update for 389-ds to version 1.4.0.26 fixes the following issues : Security issues fixed : CVE-2016-5416: Fixed an information disclosure where a anonymous user could read the default ACI bsc991201. CVE-2018-1054: Fixed a denial of service via search filters in SetUnicodeStringFromUTF8...

NewStart CGSL MAIN 4.05 : 389-ds-base Multiple Vulnerabilities (NS-SA-2019-0123)

The remote NewStart CGSL host, running version MAIN 4.05, has 389-ds-base packages installed that are affected by multiple vulnerabilities: - An out-of-bounds memory read flaw was found in the way 389-ds-base handled certain LDAP search filters. A remote, unauthenticated attacker could potentiall...

NewStart CGSL MAIN 5.04 : 389-ds-base Multiple Vulnerabilities (NS-SA-2019-0009)

The remote NewStart CGSL host, running version MAIN 5.04, has 389-ds-base packages installed that are affected by multiple vulnerabilities: - An out-of-bounds memory read flaw was found in the way 389-ds-base handled certain LDAP search filters. A remote, unauthenticated attacker could potentiall...

Debian: Security Advisory (DLA-1428-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux AMI : 389-ds-base (ALAS-2018-980)

Authentication bypass due to lack of size check in slapictmemcmp function in chmalloc.c : It was found that 389-ds-base did not always handle internal hash comparison operations correctly during the authentication process. A remote, unauthenticated attacker could potentially use this flaw to bypa...

CentOS 6 : 389-ds-base (CESA-2018:0515)

An update for 389-ds-base is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

389 security update

CentOS Errata and Security Advisory CESA-2018:0515 An update for 389-ds-base is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

CentOS Update for 389-ds-base CESA-2018:0414 centos7

Check the version of 389-ds-base SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882851";...

Important: Red Hat Security Advisory: 389-ds-base security update

An update for 389-ds-base is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

389-ds-base security update

1.2.11-15-94 - Release 1.2.11.15-94 - Resolves: Bug 1544415 - CVE-2017-15135 389-ds-base: Authentication bypass due to lack of size check in slapictmemcmp function in chmalloc.c fix cherry-pick error 1.2.11-15-93 - Release 1.2.11.15-93 - Resolves: Bug 1544415 - CVE-2017-15135 389-ds-base:...

CentOS 7 : 389-ds-base (CESA-2018:0414)

An update for 389-ds-base is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

MGASA-2018-0162 Updated 389-ds-base packages fix CVE-2018-1054

389-ds-base has been updated to fix a security issue. A flaw was found in 389 Directory Server that affects all versions. An improper handling of the search feature with an extended filter, when read access on is enabled, in SetUnicodeStringFromUTF8 function in collate.c, can lead to out-of-bound...

CVE-2018-1054

An out-of-bounds memory read flaw was found in the way 389-ds-base handled certain LDAP search filters, affecting all versions including 1.4.x. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial ...

CVE-2018-1054

An out-of-bounds memory read flaw was found in the way 389-ds-base handled certain LDAP search filters, affecting all versions including 1.4.x. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial ...

389-ds-base security and bug fix update

1.3.6.1-28 - Bump version to 1.3.6.1-28 - Resolves: Bug 1540105 - CVE-2018-1054 - remote Denial of Service DoS via search filters in SetUnicodeStringFromUTF8 1.3.6.1-27 - Bump version to 1.3.6.1-27 - Resolves: Bug 1536343 - Indexing of internationalized matching rules is failing - Resolves: Bug...