19 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-14624
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was discovered in 389-ds-base through versions 1.3.7.10, 1.3.8.8 and 1.4.0.16. The lock controlling the error log was not correctly used when...
Mageia: Security Advisory (MGASA-2018-0404)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:1207-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for 389-ds-base (EulerOS-SA-2018-1365)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for 389-ds-base (EulerOS-SA-2018-1357)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15 / SLES15 Security Update : 389-ds (SUSE-SU-2019:1207-2)
This update for 389-ds fixes the following issues : The following security vulnerabilities were addressed : CVE-2018-10850: Fixed a race condition on reference counter that would lead to a denial of service using persistent search bsc1096368 CVE-2017-15134: Fixed a remote denial of service via...
openSUSE: Security Advisory for 389-ds (openSUSE-SU-2019:1397-1)
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : 389-ds (openSUSE-2019-1397)
This update for 389-ds fixes the following issues : The following security vulnerabilities were addressed : - CVE-2018-10850: Fixed a race condition on reference counter that would lead to a denial of service using persistent search bsc1096368 - CVE-2017-15134: Fixed a remote denial of service vi...
Red Hat 389 Directory Server vslapd_log_emergency_error Denial of Service (CVE-2018-14624)
A denial-of-service vulnerability has been reported in 389 Directory Server. The vulnerability is due to improper use of the lock controlling the error log when the log file is reopened. A remote, unauthenticated attacker could send LDAP requests to a very large DN to trigger the vulnerability...
EulerOS 2.0 SP2 : 389-ds-base (EulerOS-SA-2018-1357)
According to the versions of the 389-ds-base packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - race condition on reference counter leads to DoS using persistent search CVE-2018-10850 - Server crash through modify command with large DN...
Updated 389-ds-base packages fix security vulnerabilities
Updated 389-ds-base package fixes security vulnerabilities: a race condition on reference counter leads to DoS using persistent search CVE-2018-10850 ldapsearch with server side sort allows users to cause a crash CVE-2018-10935 a server crash through the modify command with large DN CVE-2018-1462...
CentOS Update for 389-ds-base CESA-2018:2757 centos7
Check the version of 389-ds-base SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882954";...
389 security update
CentOS Errata and Security Advisory CESA-2018:2757 An update for 389-ds-base is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
RHEL 7 : 389-ds-base (RHSA-2018:2757)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2757 advisory. 389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP...
Oracle Linux 7 : 389-ds-base (ELSA-2018-2757)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-2757 advisory. 1.3.7.5-28 - Bump version to 1.3.7.5-28 - Resolves: Bug 1628676 - 389-ds-base: race condition on reference counter leads to DoS using persistent search...
Scientific Linux Security Update : 389-ds-base on SL7.x x86_64 (20180925)
Security Fixes : - 389-ds-base: race condition on reference counter leads to DoS using persistent search CVE-2018-10850 - 389-ds-base: ldapsearch with server side sort allows users to cause a crash CVE-2018-10935 - 389-ds-base: Server crash through modify command with large DN CVE-2018-14624 -...
Moderate: Red Hat Security Advisory: 389-ds-base security and bug fix update
An update for 389-ds-base is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...
CVE-2018-14624
A vulnerability was discovered in 389-ds-base through versions 1.3.7.10, 1.3.8.8 and 1.4.0.16. The lock controlling the error log was not correctly used when re-opening the log file in logerroremergency. An attacker could send a flood of modifications to a very large DN, which would cause slapd t...
CVE-2018-14624
389-ds-base (LDAP directory server) vulnerable to CVE-2018-14624 in versions 1.3.7.10, 1.3.8.8 and 1.4.0.16 due to improper use of the lock for the error log during log__error_emergency() reopen. An attacker could flood a very large DN, causing slapd to crash (DoS). Connected advisories reference...