Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2013-0742

Опубликовано: 15 апр. 2013
Источник: oracle-oval
Платформа: Oracle Linux 6

Описание

ELSA-2013-0742: 389-ds-base security and bug fix update (LOW)

[1.2.11.15-14]

  • Resolves: Bug 929107 - ns-slapd crashes sporadically with segmentation fault in libslapd.so (ticket 627)
  • Resolves: Bug 929114 - cleanAllRUV task fails to cleanup config upon completion (ticket 623)

[1.2.11.15-13]

  • Resolves: Bug 929114 - cleanAllRUV task fails to cleanup config upon completion (ticket 623)
  • Resolves: Bug 929111 - Coverity issue 13091
  • Resolves: Bug 929196 - Deadlock in DNA plug-in (ticket 634)
  • Resolves: Bug 929107 - ns-slapd crashes sporadically with segmentation fault in libslapd.so (ticket 627)
  • Resolves: Bug 929115 - crash in aci evaluation (ticket 628)
  • Resolves: Bug 923240 - unintended information exposure when anonymous access is set to rootdse (ticket 47308)

Обновленные пакеты

Oracle Linux 6

Oracle Linux x86_64

389-ds-base

1.2.11.15-14.el6_4

389-ds-base-devel

1.2.11.15-14.el6_4

389-ds-base-libs

1.2.11.15-14.el6_4

Oracle Linux i686

389-ds-base

1.2.11.15-14.el6_4

389-ds-base-devel

1.2.11.15-14.el6_4

389-ds-base-libs

1.2.11.15-14.el6_4

Связанные CVE

CVE-2013-1897

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2013-1897

ubuntu
больше 12 лет назад

The do_search function in ldap/servers/slapd/search.c in 389 Directory Server 1.2.x before 1.2.11.20 and 1.3.x before 1.3.0.5 does not properly restrict access to entries when the nsslapd-allow-anonymous-access configuration is set to rootdse and the BASE search scope is used, which allows remote attackers to obtain sensitive information outside of the rootDSE via a crafted LDAP search.

redhat логотип

CVE-2013-1897

redhat
больше 12 лет назад

The do_search function in ldap/servers/slapd/search.c in 389 Directory Server 1.2.x before 1.2.11.20 and 1.3.x before 1.3.0.5 does not properly restrict access to entries when the nsslapd-allow-anonymous-access configuration is set to rootdse and the BASE search scope is used, which allows remote attackers to obtain sensitive information outside of the rootDSE via a crafted LDAP search.

nvd логотип

CVE-2013-1897

nvd
больше 12 лет назад

The do_search function in ldap/servers/slapd/search.c in 389 Directory Server 1.2.x before 1.2.11.20 and 1.3.x before 1.3.0.5 does not properly restrict access to entries when the nsslapd-allow-anonymous-access configuration is set to rootdse and the BASE search scope is used, which allows remote attackers to obtain sensitive information outside of the rootDSE via a crafted LDAP search.

debian логотип

CVE-2013-1897

debian
больше 12 лет назад

The do_search function in ldap/servers/slapd/search.c in 389 Directory ...

github логотип

GHSA-xpx8-wp93-8pmf

github
больше 3 лет назад

The do_search function in ldap/servers/slapd/search.c in 389 Directory Server 1.2.x before 1.2.11.20 and 1.3.x before 1.3.0.5 does not properly restrict access to entries when the nsslapd-allow-anonymous-access configuration is set to rootdse and the BASE search scope is used, which allows remote attackers to obtain sensitive information outside of the rootDSE via a crafted LDAP search.