ALAS-2018-1036 --- 389-ds-base
|ID: oval:org.secpod.oval:def:1600895||Date: (C)2018-06-12 (M)2018-07-17|
|Class: PATCH||Family: unix|
It was found that 389-ds-base did not properly handle long search filters with characters needing escapes, possibly leading to buffer overflows. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service.
|Amazon Linux AMI|