EUVD-2018-6538

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2018-1054

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds memory read flaw was found in the way 389-ds-base handled certain LDAP search filters, affecting all versions including 1.4.x. A remote,...

openSUSE: Security Advisory for 389 (SUSE-SU-2024:3843-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 8 : redhat-ds:11 (RHSA-2024:4210)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4210 advisory. Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol...

SUSE CVE-2018-14638

A flaw was found in 389-ds-base before version 1.3.8.4-13. The process ns-slapd crashes in deletepasswdPolicy function when persistent search connections are terminated unexpectedly leading to remote denial of service...

389 security update

CentOS Errata and Security Advisory CESA-2019:3981 An update for 389-ds-base is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

389-ds-base security and bug fix update

1.3.9.1-12 - Bump version to 1.3.9.1-12 - Resolves: Bug 1767622 - CleanAllRUV task limit not enforced 1.3.9.1-11 - Bump version to 1.3.9.1-11 - Resolves: Bug 1748198 - EMBARGOED CVE-2019-14824 389-ds-base: Read permission check bypass via the deref plugin - Resolves: Bug 1754831 - After audit log...

Denial Of Service (DoS)

389-ds-base is vulnerable to denial of service attacks. A remote, unauthenticated attacker could potentially use the flawed LDAP Search Filter component to make ns-slapd crash via a specially crafted LDAP request resulting in a system crash...

Denial Of Service (DoS)

389-ds-base is vulnerable to denial of service. An invalid pointer dereference flaw was found in the way 389-ds-base handled LDAP bind requests. A remote unauthenticated attacker could use this flaw to make ns-slapd crash via a specially crafted LDAP bind request, resulting in denial of service...

DEBIAN-CVE-2018-14638

A flaw was found in 389-ds-base before version 1.3.8.4-13. The process ns-slapd crashes in deletepasswdPolicy function when persistent search connections are terminated unexpectedly leading to remote denial of service...

CVE-2018-14638

A flaw was found in 389-ds-base before version 1.3.8.4-13. The process ns-slapd crashes in deletepasswdPolicy function when persistent search connections are terminated unexpectedly leading to remote denial of service...

CVE-2018-14638

The CVE-2018-14638 issue affects 389-ds-base; the root cause is a crash in delete_passwdPolicy when persistent search connections terminate unexpectedly, leading to remote denial of service. The vulnerability is described for versions before 1.3.8.4-13, and multiple connected advisories note fixe...

CVE-2017-2668

389-ds-base before versions 1.3.5.17 and 1.3.6.10 is vulnerable to an invalid pointer dereference in the way LDAP bind requests are handled. A remote unauthenticated attacker could use this flaw to make ns-slapd crash via a specially crafted LDAP bind request, resulting in denial of service...

CVE-2017-2668

389-ds-base before versions 1.3.5.17 and 1.3.6.10 is vulnerable to an invalid pointer dereference in the way LDAP bind requests are handled. A remote unauthenticated attacker could use this flaw to make ns-slapd crash via a specially crafted LDAP bind request, resulting in denial of service...

CentOS Update for 389-ds-base CESA-2018:1380 centos7

Check the version of 389-ds-base SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882899";...

389 security update

CentOS Errata and Security Advisory CESA-2018:1380 An update for 389-ds-base is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

389-ds-base: ns-slapd crash via large filter value in ldapsearch

It was found that 389-ds-base did not properly handle long search filters with characters needing escapes, possibly leading to buffer overflows. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial...

389-ds-base security and bug fix update

1.3.7.5-21 - Bump version to 1.3.7.5-21 - Resolves: Bug 1559818 - EMBARGOED CVE-2018-1089 389-ds-base: ns-slapd crash via large filter value in ldapsearch 1.3.7.5-20 - Bump version to 1.3.7.5-20 - Resolves: Bug 1563079 - adjustment of csngenerator can fail so next generated csn can be equal to th...

Red Hat 389-ds-base Denial of Service Vulnerability (CNVD-2018-09316)

Red Hat 389-ds-base is an American Red Hat package that includes a Linux directory server and a server administration command-line program. A security vulnerability exists in Red Hat 389-ds-base versions prior to 1.4.0.9, prior to 1.3.8.1, and prior to 1.3.6.15. A remote attacker could cause a...

Scientific Linux Security Update : 389-ds-base on SL6.x i386/x86_64 (20180509)

Security Fixes : - 389-ds-base: ns-slapd crash via large filter value in ldapsearch CVE-2018-1089 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if description scriptid109671; scriptversion"1.6";...