CentOS Local Security Checks : CentOS Update for 389-ds-base CESA-2013:0503 centos6

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 146377 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.881658

Kategorie: CentOS Local Security Checks

Titel: CentOS Update for 389-ds-base CESA-2013:0503 centos6

Zusammenfassung: The remote host is missing an update for the '389-ds-base'; package(s) announced via the referenced advisory.

Beschreibung: Summary:
The remote host is missing an update for the '389-ds-base'
package(s) announced via the referenced advisory.

Vulnerability Insight:
The 389-ds-base packages provide 389 Directory Server, which is an LDAPv3
compliant server. The base packages include the Lightweight Directory
Access Protocol (LDAP) server and command-line utilities for server
administration.

A flaw was found in the way 389 Directory Server enforced ACLs after
performing an LDAP modify relative distinguished name (modrdn) operation.
After modrdn was used to move part of a tree, the ACLs defined on the moved
(Distinguished Name) were not properly enforced until the server was
restarted. This could allow LDAP users to access information that should be
restricted by the defined ACLs. (CVE-2012-4450)

This issue was discovered by Noriko Hosoi of Red Hat.

These updated 389-ds-base packages include numerous bug fixes and
enhancements. Space precludes documenting all of these changes in this
advisory. Users are directed to the Red Hat Enterprise Linux 6.4
Technical Notes, linked to in the References, for information on the most
significant of these changes.

All users of 389-ds-base are advised to upgrade to these updated packages,
which correct this issue and provide numerous bug fixes and enhancements.
After installing this update, the 389 server service will be restarted
automatically.

Affected Software/OS:
389-ds-base on CentOS 6

Solution:
Please install the updated packages.

CVSS Score:
6.0

CVSS Vector:
AV:N/AC:M/Au:S/C:P/I:P/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2012-4450
50713
http://secunia.com/advisories/50713
55690
http://www.securityfocus.com/bid/55690
RHSA-2013:0503
http://rhn.redhat.com/errata/RHSA-2013-0503.html
[oss-security] 20120926 CVE Request -- 389-ds-base: Change on SLAPI_MODRDN_NEWSUPERIOR is not evaluated in ACL (ACL rules bypass possible)
http://www.openwall.com/lists/oss-security/2012/09/26/3
[oss-security] 20120926 Re: CVE Request -- 389-ds-base: Change on SLAPI_MODRDN_NEWSUPERIOR is not evaluated in ACL (ACL rules bypass possible)
http://www.openwall.com/lists/oss-security/2012/09/26/5
http://git.fedorahosted.org/cgit/389/ds.git/commit/?id=5beb93d42efb807838c09c5fab898876876f8d09
https://bugzilla.redhat.com/show_bug.cgi?id=860772
https://fedorahosted.org/389/ticket/340

Copyright Copyright (C) 2013 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.881658
Kategorie:	CentOS Local Security Checks
Titel:	CentOS Update for 389-ds-base CESA-2013:0503 centos6
Zusammenfassung:	The remote host is missing an update for the '389-ds-base'; package(s) announced via the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update for the '389-ds-base' package(s) announced via the referenced advisory. Vulnerability Insight: The 389-ds-base packages provide 389 Directory Server, which is an LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration. A flaw was found in the way 389 Directory Server enforced ACLs after performing an LDAP modify relative distinguished name (modrdn) operation. After modrdn was used to move part of a tree, the ACLs defined on the moved (Distinguished Name) were not properly enforced until the server was restarted. This could allow LDAP users to access information that should be restricted by the defined ACLs. (CVE-2012-4450) This issue was discovered by Noriko Hosoi of Red Hat. These updated 389-ds-base packages include numerous bug fixes and enhancements. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Enterprise Linux 6.4 Technical Notes, linked to in the References, for information on the most significant of these changes. All users of 389-ds-base are advised to upgrade to these updated packages, which correct this issue and provide numerous bug fixes and enhancements. After installing this update, the 389 server service will be restarted automatically. Affected Software/OS: 389-ds-base on CentOS 6 Solution: Please install the updated packages. CVSS Score: 6.0 CVSS Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2012-4450 50713 http://secunia.com/advisories/50713 55690 http://www.securityfocus.com/bid/55690 RHSA-2013:0503 http://rhn.redhat.com/errata/RHSA-2013-0503.html [oss-security] 20120926 CVE Request -- 389-ds-base: Change on SLAPI_MODRDN_NEWSUPERIOR is not evaluated in ACL (ACL rules bypass possible) http://www.openwall.com/lists/oss-security/2012/09/26/3 [oss-security] 20120926 Re: CVE Request -- 389-ds-base: Change on SLAPI_MODRDN_NEWSUPERIOR is not evaluated in ACL (ACL rules bypass possible) http://www.openwall.com/lists/oss-security/2012/09/26/5 http://git.fedorahosted.org/cgit/389/ds.git/commit/?id=5beb93d42efb807838c09c5fab898876876f8d09 https://bugzilla.redhat.com/show_bug.cgi?id=860772 https://fedorahosted.org/389/ticket/340
Copyright	Copyright (C) 2013 Greenbone AG