25 matches found
Alibaba Cloud Linux 3 : 0178: 389-ds:1.4 (ALINUX3-SA-2026:0178)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2026:0178 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-9064: A flaw was found in 389-ds-base. The...
SUSE-SU-2026:22333-1 Security update for 389-ds
This update for 389-ds fixes the following issue - CVE-2026-9064: unbounded LDAP controls count in getldapmessagecontrolsext can lead to amplified CPU time and heap allocation and a denial of service bsc1265898. Changes for 389-ds: - Update to version 3.0.6git337.647f49042: Issue 7541 -...
OPENSUSE-SU-2026:21011-1 Security update for 389-ds
This update for 389-ds fixes the following issue - CVE-2026-9064: unbounded LDAP controls count in getldapmessagecontrolsext can lead to amplified CPU time and heap allocation and a denial of service bsc1265898. Changes for 389-ds: - Update to version 3.0.6git337.647f49042: Issue 7541 -...
RockyLinux 8 : 389-ds:1.4 (RLSA-2026:26459)
The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:26459 advisory. 389-ds-base: 389-ds-base: unbounded LDAP controls count in getldapmessagecontrolsext causes CPU and heap amplification remote DoS CVE-2026-9064 Tenable has...
RockyLinux 10 : 389-ds-base (RLSA-2026:26456)
The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:26456 advisory. 389-ds-base: 389-ds-base: unbounded LDAP controls count in getldapmessagecontrolsext causes CPU and heap amplification remote DoS CVE-2026-9064 Bug Fixes and...
389-ds:1.4 security update
An update is available for 389-ds-base, module.389-ds-base. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list 389 Directory Server is an LDAP version 3 LDAPv3...
Important: Red Hat Security Advisory: redhat-ds:12 security update
An update for the redhat-ds:12 module is now available for Red Hat Directory Server 12.2 E4S for RHEL 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
389-ds-base: 389-ds-base: unbounded LDAP controls count in get_ldapmessage_controls_ext() causes CPU and heap amplification (remote DoS)
A flaw was found in 389-ds-base. The getldapmessagecontrolsext function in the LDAP server does not enforce an upper bound on the number of controls per LDAP message. A remote, unauthenticated attacker can send a specially crafted LDAP request containing hundreds of thousands of minimal controls...
Important: Red Hat Security Advisory: 389-ds-base security, bug fix, and enhancement update
An update for 389-ds-base is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...
389-ds-base: 389-ds-base: unbounded LDAP controls count in get_ldapmessage_controls_ext() causes CPU and heap amplification (remote DoS)
A flaw was found in 389-ds-base. The getldapmessagecontrolsext function in the LDAP server does not enforce an upper bound on the number of controls per LDAP message. A remote, unauthenticated attacker can send a specially crafted LDAP request containing hundreds of thousands of minimal controls...
389-ds-base: 389-ds-base: unbounded LDAP controls count in get_ldapmessage_controls_ext() causes CPU and heap amplification (remote DoS)
A flaw was found in 389-ds-base. The getldapmessagecontrolsext function in the LDAP server does not enforce an upper bound on the number of controls per LDAP message. A remote, unauthenticated attacker can send a specially crafted LDAP request containing hundreds of thousands of minimal controls...
389-ds-base: 389-ds-base: unbounded LDAP controls count in get_ldapmessage_controls_ext() causes CPU and heap amplification (remote DoS)
A flaw was found in 389-ds-base. The getldapmessagecontrolsext function in the LDAP server does not enforce an upper bound on the number of controls per LDAP message. A remote, unauthenticated attacker can send a specially crafted LDAP request containing hundreds of thousands of minimal controls...
RHEL 10 : 389-ds-base (RHSA-2026:26457)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:26457 advisory. 389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server...
RHEL 9 : 389-ds-base (RHSA-2026:26464)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:26464 advisory. 389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server a...
RHEL 8 : redhat-ds:11 (RHSA-2026:26461)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:26461 advisory. Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol LDAP...
Important: 389-ds:1.4 security update
389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server and command-line utilities for server administration. Security Fixes: 389-ds-base: 389-ds-base: unbounded LDAP controls count in...
SUSE-SU-2026:2419-1 Security update for 389-ds
This update for 389-ds fixes the following issue Update to 2.7.0git193.9ab79d496: - CVE-2026-9064: unbounded LDAP controls count in getldapmessagecontrolsext can lead to amplified CPU time and heap allocation and a denial of service bsc1265898. Changelog: Issue 7503 - CVE-2026-9064 - Add a limit ...
SUSE-SU-2026:2418-1 Security update for 389-ds
This update for 389-ds fixes the following issue Update to 2.2.10git229.1fa7ffdb4: - CVE-2026-9064: unbounded LDAP controls count in getldapmessagecontrolsext can lead to amplified CPU time and heap allocation and a denial of service bsc1265898. Changelog: Issue 7503 - CVE-2026-9064 - Add a limit...
SUSE SLES15 Security Update : 389-ds (SUSE-SU-2026:2316-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:2316-1 advisory. This update for 389-ds fixes the following issue - CVE-2026-9064: unbounded LDAP controls count in getldapmessagecontrolsext can lead to...
Amazon Linux 2 : 389-ds-base, --advisory ALAS2-2026-3339 (ALAS-2026-3339)
The version of 389-ds-base installed on the remote host is prior to 1.3.10.2-17. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3339 advisory. A flaw was found in 389-ds-base. The getldapmessagecontrolsext function in the LDAP server does not enforce an upper bound ...