Download
| Alert*
|
oval:org.secpod.oval:def:503425
389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. The following packages have been upgraded to a later upstream version: 389-ds-base . Security Fix: * 389-ds- ... oval:org.secpod.oval:def:1601040 1693612: 389-ds-base: DoS via hanging secured connectionsIt was found that encrypted connections did not honor the 'ioblocktimeout' parameter to end blocking requests. As a result, an unauthenticated attacker could repeatedly start a sufficient number of encrypted connections to block all ... oval:org.secpod.oval:def:1601090 389-ds-base before versions 1.3.8.5, 1.4.0.12 is vulnerable to a Cleartext Storage of Sensitive Information. By default, when the Replica and/or retroChangeLog plugins are enabled, 389-ds-base stores passwords in plaintext format in their respective changelog files. An attacker with sufficiently hig ... oval:org.secpod.oval:def:66465 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. The following packages have been upgraded to a later upstream version: 389-ds-base . Security Fix: * 389-ds- ... oval:org.secpod.oval:def:89050591 This update for 389-ds to version 1.4.0.26 fixes the following issues: Security issues fixed: - CVE-2016-5416: Fixed an information disclosure where a anonymous user could read the default ACI . - CVE-2018-1054: Fixed a denial of service via search filters in SetUnicodeStringFromUTF_8 . - CVE-2018-1 ... oval:org.secpod.oval:def:1700201 It was found that encrypted connections did not honor the #039;ioblocktimeout#039; parameter to end blocking requests. As a result, an unauthenticated attacker could repeatedly start a sufficient number of encrypted connections to block all workers, resulting in a denial of service oval:org.secpod.oval:def:205246 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Security Fix: * 389-ds-base: DoS via hanging secured connections For more details about the security issue, ... oval:org.secpod.oval:def:503209 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Security Fix: * 389-ds-base: DoS via hanging secured connections For more details about the security issue, ... oval:org.secpod.oval:def:1502586 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1505307 The advisory is missing the security advisory description. For more information please visit the reference link |
