20 matches found
EUVD-2018-6538
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2018-1054
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds memory read flaw was found in the way 389-ds-base handled certain LDAP search filters, affecting all versions including 1.4.x. A remote,...
389 security update
CentOS Errata and Security Advisory CESA-2019:3981 An update for 389-ds-base is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
389-ds-base security and bug fix update
1.3.9.1-12 - Bump version to 1.3.9.1-12 - Resolves: Bug 1767622 - CleanAllRUV task limit not enforced 1.3.9.1-11 - Bump version to 1.3.9.1-11 - Resolves: Bug 1748198 - EMBARGOED CVE-2019-14824 389-ds-base: Read permission check bypass via the deref plugin - Resolves: Bug 1754831 - After audit log...
CVE-2017-2668
389-ds-base before versions 1.3.5.17 and 1.3.6.10 is vulnerable to an invalid pointer dereference in the way LDAP bind requests are handled. A remote unauthenticated attacker could use this flaw to make ns-slapd crash via a specially crafted LDAP bind request, resulting in denial of service...
389 security update
CentOS Errata and Security Advisory CESA-2018:1380 An update for 389-ds-base is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
Red Hat 389-ds-base Denial of Service Vulnerability (CNVD-2018-09316)
Red Hat 389-ds-base is an American Red Hat package that includes a Linux directory server and a server administration command-line program. A security vulnerability exists in Red Hat 389-ds-base versions prior to 1.4.0.9, prior to 1.3.8.1, and prior to 1.3.6.15. A remote attacker could cause a...
CentOS Update for 389-ds-base CESA-2018:1364 centos6
Check the version of 389-ds-base SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882876";...
CentOS 6 : 389-ds-base (CESA-2018:1364)
An update for 389-ds-base is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...
389 security update
CentOS Errata and Security Advisory CESA-2018:1364 An update for 389-ds-base is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
UBUNTU-CVE-2018-1089
389-ds-base before versions 1.4.0.9, 1.3.8.1, 1.3.6.15 did not properly handle long search filters with characters needing escapes, possibly leading to buffer overflows. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request,...
CVE-2018-1089
389-ds-base before versions 1.4.0.9, 1.3.8.1, 1.3.6.15 did not properly handle long search filters with characters needing escapes, possibly leading to buffer overflows. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request,...
Important: Red Hat Security Advisory: 389-ds-base security update
An update for 389-ds-base is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...
389-ds-base security update
1.2.11.15-95 - Bump version to 1.2.11-15-95 - Resolves: Bug 1562152 - EMBARGOED CVE-2018-1089 389-ds-base: ns-slapd crash via large filter value in ldapsearch...
Amazon Linux AMI : 389-ds-base (ALAS-2018-980)
Authentication bypass due to lack of size check in slapictmemcmp function in chmalloc.c : It was found that 389-ds-base did not always handle internal hash comparison operations correctly during the authentication process. A remote, unauthenticated attacker could potentially use this flaw to bypa...
UBUNTU-CVE-2018-1054
An out-of-bounds memory read flaw was found in the way 389-ds-base handled certain LDAP search filters, affecting all versions including 1.4.x. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial ...
Oracle Linux 6 : 389-ds-base (ELSA-2013-1752)
The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2013-1752 advisory. - Resolves: bug 1024977 CVE-2013-4485 389-ds-base: DoS due to improper handling of ger attr searches - Resolves: Bug 1000632 - CVE-2013-4283 389-ds-base: ns-sla...
389-ds-base security update
1.2.11.15-30 - Resolves: bug 1024977 CVE-2013-4485 389-ds-base: DoS due to improper handling of ger attr searches 1.2.11.15-29 - Bump version to 1.2.11.15-29 - Resolves: bug 1008013: DS91: ns-slapd stuck in DSSleep 1.2.11.15-28 - Bump version to 1.2.11.15-28 - Resolves: Bug 1016038 - Users from A...
Oracle Linux 6 : 389-ds-base (ELSA-2013-1182)
The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2013-1182 advisory. - Resolves: Bug 1000631 - CVE-2013-4283 389-ds-base: ns-slapd crash due to bogus DN -- retry Tenable has extracted the preceding description block directly from...
389-ds-base security update
1.2.11.15.22 - Resolves: Bug 1000631 - CVE-2013-4283 389-ds-base: ns-slapd crash due to bogus DN -- retry 1.2.11.15.21 - Resolves: Bug 1000631 - CVE-2013-4283 389-ds-base: ns-slapd crash due to bogus DN...