27 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-3883
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In 389-ds-base up to version 1.4.1.2, requests are handled by workers threads. Each sockets will be waited by the worker for at most 'ioblocktimeout' seconds...
Oracle Linux 8 : 389-ds:1.4 (ELSA-2019-3401)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-3401 advisory. - In 389-ds-base up to version 1.4.1.2, requests are handled by workers threads. Each sockets will be waited by the worker for at most 'ioblocktimeout'...
Debian dla-3399 : 389-ds - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3399 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3399-1 [email protected]...
[SECURITY] [DLA 3399-1] 389-ds-base security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3399-1 [email protected] https://www.debian.org/lts/security/ Anton Gladky April 24, 2023 https://wiki.debian.org/LTS -...
Huawei EulerOS: Security Advisory for 389-ds-base (EulerOS-SA-2019-1561)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for 389-ds-base (EulerOS-SA-2019-2369)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for 389-ds-base (EulerOS-SA-2019-1562)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP2 : 389-ds-base (EulerOS-SA-2019-2369)
According to the versions of the 389-ds-base packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - 389-ds-base version before 1.3.5.19 and 1.3.6.7 are vulnerable to password brute-force attacks during account lockout due to different retu...
RHEL 8 : 389-ds:1.4 (RHSA-2019:3401)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3401 advisory. 389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP...
Important: Red Hat Security Advisory: 389-ds:1.4 security, bug fix, and enhancement update
An update for the 389-ds:1.4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
NewStart CGSL CORE 5.05 / MAIN 5.05 : 389-ds-base Vulnerability (NS-SA-2019-0170)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has 389-ds-base packages installed that are affected by a vulnerability: - In 389-ds-base up to version 1.4.1.2, requests are handled by workers threads. Each sockets will be waited by the worker for at most 'ioblocktimeout'...
SUSE SLED15 / SLES15 Security Update : 389-ds (SUSE-SU-2019:2155-1)
This update for 389-ds to version 1.4.0.26 fixes the following issues : Security issues fixed : CVE-2016-5416: Fixed an information disclosure where a anonymous user could read the default ACI bsc991201. CVE-2018-1054: Fixed a denial of service via search filters in SetUnicodeStringFromUTF8...
CentOS 7 : 389-ds-base (CESA-2019:1896)
An update for 389-ds-base is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...
Scientific Linux Security Update : 389-ds-base on SL7.x x86_64 (20190729)
Security Fixes : - 389-ds-base: DoS via hanging secured connections CVE-2019-3883 Bug Fixes : - Previously, if you were using the PAM plugin and attempted to bind as a dn that doesn't exist, the server would crash. This has now been fixed. C Tenable Network Security, Inc. The descriptive text is ...
Amazon Linux 2 : 389-ds-base (ALAS-2019-1262)
It was found that encrypted connections did not honor the 'ioblocktimeout' parameter to end blocking requests. As a result, an unauthenticated attacker could repeatedly start a sufficient number of encrypted connections to block all workers, resulting in a denial of service. CVE-2019-3883 C Tenab...
RHEL 7 : 389-ds-base (RHSA-2019:1896)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:1896 advisory. 389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server an...
Medium: 389-ds-base
Issue Overview: It was found that encrypted connections did not honor the 'ioblocktimeout' parameter to end blocking requests. As a result, an unauthenticated attacker could repeatedly start a sufficient number of encrypted connections to block all workers, resulting in a denial of service...
Medium: 389-ds-base
Issue Overview: 1693612: 389-ds-base: DoS via hanging secured connections It was found that encrypted connections did not honor the 'ioblocktimeout' parameter to end blocking requests. As a result, an unauthenticated attacker could repeatedly start a sufficient number of encrypted connections to...
CentOS Update for 389-ds-base CESA-2019:1896 centos7
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
389 security update
CentOS Errata and Security Advisory CESA-2019:1896 An update for 389-ds-base is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...