26 matches found
SUSE CVE-2019-10171
It was found that the fix for CVE-2018-14648 in 389-ds-base, versions 1.4.0.x before 1.4.0.17, was incorrectly applied in RHEL 7.5. An attacker would still be able to provoke excessive CPU consumption leading to a denial of service...
EUVD-2019-2202
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2018-14648
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in 389 Directory Server. A specially crafted search query could lead to excessive CPU consumption in the dosearch function. An unauthenticated...
Huawei EulerOS: Security Advisory for 389-ds-base (EulerOS-SA-2021-1058)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for 389-ds-base (EulerOS-SA-2018-1439)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for 389-ds-base (EulerOS-SA-2018-1440)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15 / SLES15 Security Update : 389-ds (SUSE-SU-2019:2155-1)
This update for 389-ds to version 1.4.0.26 fixes the following issues : Security issues fixed : CVE-2016-5416: Fixed an information disclosure where a anonymous user could read the default ACI bsc991201. CVE-2018-1054: Fixed a denial of service via search filters in SetUnicodeStringFromUTF8...
NewStart CGSL CORE 5.04 / MAIN 5.04 : 389-ds-base Vulnerability (NS-SA-2019-0062)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has 389-ds-base packages installed that are affected by a vulnerability: - It was found that a specially crafted search query could lead to excessive CPU consumption in the dosearch function. An unauthenticated attacker could u...
CVE-2019-10171
It was found that the fix for CVE-2018-14648 in 389-ds-base, versions 1.4.0.x before 1.4.0.17, was incorrectly applied in RHEL 7.5. An attacker would still be able to provoke excessive CPU consumption leading to a denial of service...
Code injection
It was found that the fix for CVE-2018-14648 in 389-ds-base, versions 1.4.0.x before 1.4.0.17, was incorrectly applied in RHEL 7.5. An attacker would still be able to provoke excessive CPU consumption leading to a denial of service...
Denial Of Service (DoS)
389-ds-base is vulnerable to denial of service. It was found that a malicious search query could lead to excessive CPU consumption in the dosearch function. An unauthenticated attacker could use this flaw to provoke a denial of service. This vulnerability exists due to an insufficient fix for...
Amazon Linux AMI : 389-ds-base (ALAS-2018-1106)
It was found that a specially crafted search query could lead to excessive CPU consumption in the dosearch function. An unauthenticated attacker could use this flaw to provoke a denial of service.CVE-2018-14648 C Tenable Network Security, Inc. The descriptive text and package checks in this plugi...
Medium: 389-ds-base
Issue Overview: It was found that a specially crafted search query could lead to excessive CPU consumption in the dosearch function. An unauthenticated attacker could use this flaw to provoke a denial of service.CVE-2018-14648 Affected Packages: 389-ds-base Issue Correction: Run yum update...
Scientific Linux Security Update : 389-ds-base on SL7.x x86_64 (20181030)
Security Fixes : - 389-ds-base: Mishandled search requests in servers/slapd/search.c:dosearch allows for denial of service CVE-2018-14648 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if description scriptid119176; scriptversion"1.6";...
CentOS 7 : 389-ds-base (CESA-2018:3127)
An update for 389-ds-base is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...
Amazon Linux 2 : 389-ds-base (ALAS-2018-1106)
It was found that a specially crafted search query could lead to excessive CPU consumption in the dosearch function. An unauthenticated attacker could use this flaw to provoke a denial of service.CVE-2018-14648 C Tenable Network Security, Inc. The descriptive text and package checks in this plugi...
Medium: 389-ds-base
Issue Overview: It was found that a specially crafted search query could lead to excessive CPU consumption in the dosearch function. An unauthenticated attacker could use this flaw to provoke a denial of service.CVE-2018-14648 Affected Packages: 389-ds-base Note: This advisory is applicable to...
Oracle Linux 7 : 389-ds-base (ELSA-2018-3127)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2018-3127 advisory. - Resolves: Bug 1595766 - CVE-2018-10871 389-ds-base: replication and the Retro Changelog plugin store plaintext password by default Tenable has extracted the...
RHEL 7 : 389-ds-base (RHSA-2018:3507)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:3507 advisory. 389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server an...
RHEL 7 : 389-ds-base (RHSA-2018:3127)
An update for 389-ds-base is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...