CentOS Local Security Checks : CentOS Update for 389-ds-base CESA-2018:0163 centos7

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 146377 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.882838

Kategorie: CentOS Local Security Checks

Titel: CentOS Update for 389-ds-base CESA-2018:0163 centos7

Zusammenfassung: Check the version of 389-ds-base

Beschreibung: Summary:
Check the version of 389-ds-base

Vulnerability Insight:
389 Directory Server is an LDAP version 3
(LDAPv3) compliant server. The base packages include the Lightweight Directory
Access Protocol (LDAP) server and command-line utilities for server administration.

Security Fix(es):

* A stack buffer overflow flaw was found in the way 389-ds-base handled
certain LDAP search filters. A remote, unauthenticated attacker could
potentially use this flaw to make ns-slapd crash via a specially crafted
LDAP request, thus resulting in denial of service. (CVE-2017-15134)

Bug Fix(es):

* Previously, when a connection received a high operation rate, Directory
Server stopped to poll the connection in certain situations. As a
consequence, new requests on the connection were not detected and
processed. With this update, Directory Server correctly decides whether a
connection has to be polled. As a result, connections with a high request
rate no longer remain unprocessed. (BZ#1523505)

* Previously, if Directory Server was stopped during an operation which
created additional changes in the memory changelog, the Replication Update
Vector (RUV) in the changelog was higher than the RUV in the database. As a
consequence, Directory Server recreated the changelog when the server
started. With this update, the server now writes the highest RUV to the
changelog only if there is the highest Change Sequence Number (CSN) present
in it. As a result, the database and the changelog RUV are consistent and
the server does not need recreating the changelog at start up. (BZ#1523507)

* Due to a bug, using a large number of Class of Service (CoS) templates in
Directory Server increased the virtual attribute processing time. This
update improves the structure of the CoS storage. As a result, using a
large number of CoS templates no longer increases the virtual attribute
processing time. (BZ#1526928)

Affected Software/OS:
389-ds-base on CentOS 7

Solution:
Please Install the Updated Packages.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2017-15134
BugTraq ID: 102790
http://www.securityfocus.com/bid/102790
https://pagure.io/389-ds-base/c/6aa2acdc3cad9
https://lists.debian.org/debian-lts-announce/2018/07/msg00018.html
RedHat Security Advisories: RHSA-2018:0163
https://access.redhat.com/errata/RHSA-2018:0163
SuSE Security Announcement: openSUSE-SU-2019:1397 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00033.html

Copyright Copyright (C) 2018 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.882838
Kategorie:	CentOS Local Security Checks
Titel:	CentOS Update for 389-ds-base CESA-2018:0163 centos7
Zusammenfassung:	Check the version of 389-ds-base
Beschreibung:	Summary: Check the version of 389-ds-base Vulnerability Insight: 389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration. Security Fix(es): * A stack buffer overflow flaw was found in the way 389-ds-base handled certain LDAP search filters. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service. (CVE-2017-15134) Bug Fix(es): * Previously, when a connection received a high operation rate, Directory Server stopped to poll the connection in certain situations. As a consequence, new requests on the connection were not detected and processed. With this update, Directory Server correctly decides whether a connection has to be polled. As a result, connections with a high request rate no longer remain unprocessed. (BZ#1523505) * Previously, if Directory Server was stopped during an operation which created additional changes in the memory changelog, the Replication Update Vector (RUV) in the changelog was higher than the RUV in the database. As a consequence, Directory Server recreated the changelog when the server started. With this update, the server now writes the highest RUV to the changelog only if there is the highest Change Sequence Number (CSN) present in it. As a result, the database and the changelog RUV are consistent and the server does not need recreating the changelog at start up. (BZ#1523507) * Due to a bug, using a large number of Class of Service (CoS) templates in Directory Server increased the virtual attribute processing time. This update improves the structure of the CoS storage. As a result, using a large number of CoS templates no longer increases the virtual attribute processing time. (BZ#1526928) Affected Software/OS: 389-ds-base on CentOS 7 Solution: Please Install the Updated Packages. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2017-15134 BugTraq ID: 102790 http://www.securityfocus.com/bid/102790 https://pagure.io/389-ds-base/c/6aa2acdc3cad9 https://lists.debian.org/debian-lts-announce/2018/07/msg00018.html RedHat Security Advisories: RHSA-2018:0163 https://access.redhat.com/errata/RHSA-2018:0163 SuSE Security Announcement: openSUSE-SU-2019:1397 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00033.html
Copyright	Copyright (C) 2018 Greenbone AG