[Forgot Password]
Login  Register Subscribe

24128

 
 

131615

 
 

111818

 
 

909

 
 

87315

 
 

136

Paid content will be excluded from the download.


Download | Alert*
OVAL

ALAS-2018-1036 --- 389-ds-base

ID: oval:org.secpod.oval:def:1600895Date: (C)2018-06-12   (M)2018-07-17
Class: PATCHFamily: unix




It was found that 389-ds-base did not properly handle long search filters with characters needing escapes, possibly leading to buffer overflows. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service.

Platform:
Amazon Linux AMI
Product:
389-ds-base
Reference:
ALAS-2018-1036
CVE-2018-1089
CVE    1
CVE-2018-1089
CPE    8
cpe:/a:fedoraproject:389_directory_server
cpe:/o:redhat:enterprise_linux_server:6.0
cpe:/o:redhat:enterprise_linux_server:7.0
cpe:/o:redhat:enterprise_linux_workstation:6.0
...

© SecPod Technologies