Описание
A double-free was found in the way 389-ds-base handles virtual attributes context in persistent searches. An attacker could send a series of search requests, forcing the server to behave unexpectedly, and crash.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| 389-ds-base | fixed | 2.0.15-1 | package | |
| 389-ds-base | not-affected | stretch | package |
Примечания
https://bugzilla.redhat.com/show_bug.cgi?id=2030307
Introduced by: https://github.com/389ds/389-ds-base/commit/74c666b83e3e1789c2ef3f7935c327bd7555193e (389-ds-base-1.3.6.4)
Fixed by: https://github.com/389ds/389-ds-base/commit/3553bce44d95e70f2cf13f26bb8866ecde9f7a7b (389-ds-base-2.0.15)
Fixed by: https://github.com/389ds/389-ds-base/commit/a3c298f8140d3e4fa1bd5a670f1bb965a21a9b7b (389-ds-base-2.2.0)
Связанные уязвимости
A double-free was found in the way 389-ds-base handles virtual attributes context in persistent searches. An attacker could send a series of search requests, forcing the server to behave unexpectedly, and crash.
A double-free was found in the way 389-ds-base handles virtual attributes context in persistent searches. An attacker could send a series of search requests, forcing the server to behave unexpectedly, and crash.
A double-free was found in the way 389-ds-base handles virtual attributes context in persistent searches. An attacker could send a series of search requests, forcing the server to behave unexpectedly, and crash.
A double-free was found in the way 389-ds-base handles virtual attributes context in persistent searches. An attacker could send a series of search requests, forcing the server to behave unexpectedly, and crash.