19 matches found
MiracleLinux 7 : 389-ds-base-1.3.5.10-20.el7 (AXSA:2017-1608:03)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-1608:03 advisory. 389 Directory Server is an LDAPv3 compliant server. The base package includes the LDAP server and command line utilities for server administration. Security...
Huawei EulerOS: Security Advisory for 389-ds-base (EulerOS-SA-2017-1087)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2017-2668
An invalid pointer dereference flaw was found in the way 389-ds-base handled LDAP bind requests. A remote unauthenticated attacker could use this flaw to make ns-slapd crash via a specially crafted LDAP bind request, resulting in denial of service...
DEBIAN-CVE-2017-2668
389-ds-base before versions 1.3.5.17 and 1.3.6.10 is vulnerable to an invalid pointer dereference in the way LDAP bind requests are handled. A remote unauthenticated attacker could use this flaw to make ns-slapd crash via a specially crafted LDAP bind request, resulting in denial of service...
UBUNTU-CVE-2017-2668
389-ds-base before versions 1.3.5.17 and 1.3.6.10 is vulnerable to an invalid pointer dereference in the way LDAP bind requests are handled. A remote unauthenticated attacker could use this flaw to make ns-slapd crash via a specially crafted LDAP bind request, resulting in denial of service...
CVE-2017-2668
389-ds-base before versions 1.3.5.17 and 1.3.6.10 is vulnerable to an invalid pointer dereference in the way LDAP bind requests are handled. A remote unauthenticated attacker could use this flaw to make ns-slapd crash via a specially crafted LDAP bind request, resulting in denial of service...
CVE-2017-2668
CVE-2017-2668 affects 389-ds-base before 1.3.5.17 and 1.3.6.10, where an invalid pointer dereference in LDAP bind handling allows remote unauthenticated attackers to crash ns-slapd, causing denial of service. Affected product is 389 Directory Server; impact is denial of service via crafted LDAP b...
openSUSE Security Update : 389-ds (openSUSE-2017-1396)
This update for 389-ds fixes the following issues : - CVE-2017-7551: 389-ds-base: Password brute-force possible for locked account due to different return codes bsc1051997 - CVE-2016-4992: 389-ds: Information disclosure via repeated use of LDAP ADD operation bsc997256 - CVE-2016-5405: 389-ds:...
Virtuozzo 6 : 389-ds-base / 389-ds-base-devel / 389-ds-base-libs (VZLSA-2017-0893)
An update for 389-ds-base is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...
Virtuozzo 7 : 389-ds-base / 389-ds-base-devel / 389-ds-base-libs / etc (VZLSA-2017-0920)
An update for 389-ds-base is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...
Amazon Linux AMI : 389-ds-base (ALAS-2017-824)
Remote crash via crafted LDAP messages : An invalid pointer dereference flaw was found in the way 389-ds-base handled LDAP bind requests. A remote unauthenticated attacker could use this flaw to make ns-slapd crash via a specially crafted LDAP bind request, resulting in denial of service...
Important: 389-ds-base
Issue Overview: Remote crash via crafted LDAP messages: An invalid pointer dereference flaw was found in the way 389-ds-base handled LDAP bind requests. A remote unauthenticated attacker could use this flaw to make ns-slapd crash via a specially crafted LDAP bind request, resulting in denial of...
CentOS 7 : 389-ds-base (CESA-2017:0920)
An update for 389-ds-base is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...
RHEL 7 : 389-ds-base (RHSA-2017:0920)
An update for 389-ds-base is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...
RHEL 6 : 389-ds-base (RHSA-2017:0893)
An update for 389-ds-base is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...
RedHat Update for 389-ds-base RHSA-2017:0893-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Scientific Linux Security Update : 389-ds-base on SL6.x i386/x86_64 (20170411)
Security Fixes : - An invalid pointer dereference flaw was found in the way 389-ds-base handled LDAP bind requests. A remote unauthenticated attacker could use this flaw to make ns-slapd crash via a specially crafted LDAP bind request, resulting in denial of service. CVE-2017-2668 Bug Fixes : -...
Oracle Linux 6 : 389-ds-base (ELSA-2017-0893)
The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2017-0893 advisory. - Resolves: bug 1437777 - EMBARGOED CVE-2017-2668 389-ds-base: Remote crash via crafted LDAP messages Tenable has extracted the preceding description block...
389-ds-base security and bug fix update
1.3.5.10-20 - Bump version to 1.3.5.10-20 - Resolves: bug 1437005 - CVE-2017-2668 389-ds-base: Remote crash via crafted LDAP messages 1.3.5.10-19 - Release 1.3.5.10-19 - Resolves: bug 1429495 - ns-slapd dies under heavy load - Resolves: bug 1429498 - A filtered nsrole that specifies an empty nsro...