Описание
ELSA-2018-1364: 389-ds-base security update (IMPORTANT)
[1.2.11.15-95]
- Bump version to 1.2.11-15-95
- Resolves: Bug 1562152 - EMBARGOED CVE-2018-1089 389-ds-base: ns-slapd crash via large filter value in ldapsearch
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
389-ds-base
1.2.11.15-95.el6_9
389-ds-base-devel
1.2.11.15-95.el6_9
389-ds-base-libs
1.2.11.15-95.el6_9
Oracle Linux i686
389-ds-base
1.2.11.15-95.el6_9
389-ds-base-devel
1.2.11.15-95.el6_9
389-ds-base-libs
1.2.11.15-95.el6_9
Связанные CVE
Связанные уязвимости
389-ds-base before versions 1.4.0.9, 1.3.8.1, 1.3.6.15 did not properly handle long search filters with characters needing escapes, possibly leading to buffer overflows. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service.
389-ds-base before versions 1.4.0.9, 1.3.8.1, 1.3.6.15 did not properly handle long search filters with characters needing escapes, possibly leading to buffer overflows. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service.
389-ds-base before versions 1.4.0.9, 1.3.8.1, 1.3.6.15 did not properly handle long search filters with characters needing escapes, possibly leading to buffer overflows. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service.
389-ds-base before versions 1.4.0.9, 1.3.8.1, 1.3.6.15 did not properl ...
389-ds-base before versions 1.4.0.9, 1.3.8.1, 1.3.6.15 did not properly handle long search filters with characters needing escapes, possibly leading to buffer overflows. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service.