Test Kennung:	1.3.6.1.4.1.25623.1.0.882687
Kategorie:	CentOS Local Security Checks
Titel:	CentOS Update for 389-ds-base CESA-2017:0893 centos6
Zusammenfassung:	Check the version of 389-ds-base
Beschreibung:	Summary: Check the version of 389-ds-base Vulnerability Insight: 389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration. Security Fix(es): * An invalid pointer dereference flaw was found in the way 389-ds-base handled LDAP bind requests. A remote unauthenticated attacker could use this flaw to make ns-slapd crash via a specially crafted LDAP bind request, resulting in denial of service. (CVE-2017-2668) Red Hat would like to thank Joachim Jabs (F24) for reporting this issue. Bug Fix(es): * Previously, the 'deref' plug-in failed to dereference attributes that use distinguished name (DN) syntax, such as 'uniqueMember'. With this patch, the 'deref' plug-in can dereference such attributes and additionally 'Name and Optional UID' syntax. As a result, the 'deref' plug-in now supports any syntax. (BZ#1435365) Affected Software/OS: 389-ds-base on CentOS 6 Solution: Please Install the Updated Packages. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2017-2668 BugTraq ID: 97524 http://www.securityfocus.com/bid/97524 RedHat Security Advisories: RHSA-2017:0893 https://access.redhat.com/errata/RHSA-2017:0893 RedHat Security Advisories: RHSA-2017:0920 https://access.redhat.com/errata/RHSA-2017:0920
Copyright	Copyright (C) 2017 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.