Lucene search
OracleLinuxELSA-2024-3837HistoryJun 12, 2024 - 12:00 a.m.
389-ds-base security update
2024-06-1200:00:00
linux.oracle.com
2
security update
version 2.4.5-8
userpassword crash
denial of service
kerberos as-req
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
6.8 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
13.2%
[2.4.5-8]
- Bump version to 2.4.5-8
- Fix License tag
[2.4.5-7] - Bump version to 2.4.5-7
- Resolves: RHEL-34819 - redhat-ds:11/389-ds-base: Malformed userPassword may cause crash at do_modify in slapd/modify.c
- Resolves: RHEL-34825 - redhat-ds:11/389-ds-base: potential denial of service via specially crafted kerberos AS-REQ requ
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 9 | src | 389-ds-base | < 2.4.5-8.el9_4 | 389-ds-base-2.4.5-8.el9_4.src.rpm |
| oracle linux | 9 | src | 389-ds-base | < 2.4.5-8.el9_4 | 389-ds-base-2.4.5-8.el9_4.src.rpm |
| oracle linux | 9 | aarch64 | 389-ds-base | < 2.4.5-8.el9_4 | 389-ds-base-2.4.5-8.el9_4.aarch64.rpm |
| oracle linux | 9 | aarch64 | 389-ds-base-devel | < 2.4.5-8.el9_4 | 389-ds-base-devel-2.4.5-8.el9_4.aarch64.rpm |
| oracle linux | 9 | aarch64 | 389-ds-base-libs | < 2.4.5-8.el9_4 | 389-ds-base-libs-2.4.5-8.el9_4.aarch64.rpm |
| oracle linux | 9 | noarch | python3-lib389 | < 2.4.5-8.el9_4 | python3-lib389-2.4.5-8.el9_4.noarch.rpm |
| oracle linux | 9 | src | 389-ds-base | < 2.4.5-8.el9_4 | 389-ds-base-2.4.5-8.el9_4.src.rpm |
| oracle linux | 9 | src | 389-ds-base | < 2.4.5-8.el9_4 | 389-ds-base-2.4.5-8.el9_4.src.rpm |
| oracle linux | 9 | x86_64 | 389-ds-base | < 2.4.5-8.el9_4 | 389-ds-base-2.4.5-8.el9_4.x86_64.rpm |
| oracle linux | 9 | x86_64 | 389-ds-base-devel | < 2.4.5-8.el9_4 | 389-ds-base-devel-2.4.5-8.el9_4.x86_64.rpm |
Related
rocky
rocky
389-ds-base security update
2024-06-14 14:00:35
nessus
nessus
RHEL 7 : 389-ds-base (RHSA-2024:3591)
2024-06-04 00:00:00
RHEL 9 : 389-ds-base (RHSA-2024:3837)
2024-06-12 00:00:00
CentOS 7 : 389-ds-base (RHSA-2024:3591)
2024-06-13 00:00:00
almalinux
almalinux
Important: 389-ds-base security update
2024-06-11 00:00:00
osv
osv
Important: 389-ds-base security update
2024-06-11 00:00:00
Important: 389-ds-base security update
2024-06-14 14:00:35
oraclelinux
oraclelinux
389-ds-base security update
2024-06-04 00:00:00
debiancve
debiancve
CVE-2024-2199
2024-05-28 12:15:08
CVE-2024-3657
2024-05-28 13:15:11
cvelist
cvelist
redhatcve
redhatcve
CVE-2024-2199
2024-05-28 12:03:21
CVE-2024-3657
2024-05-28 12:52:01
ubuntucve
ubuntucve
CVE-2024-2199
2024-05-28 00:00:00
CVE-2024-3657
2024-05-28 00:00:00
vulnrichment
vulnrichment
cve
cve
CVE-2024-2199
2024-05-28 12:15:08
CVE-2024-3657
2024-05-28 13:15:11
nvd
nvd
CVE-2024-2199
2024-05-28 12:15:08
CVE-2024-3657
2024-05-28 13:15:11
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
6.8 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
13.2%
Related for ELSA-2024-3837