Lucene search
RedHatRHSA-2018:0515HistoryMar 13, 2018 - 5:31 p.m.
(RHSA-2018:0515) Important: 389-ds-base security update
2018-03-1317:31:33
access.redhat.com
55
0.008 Low
EPSS
Percentile
81.4%
389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.
Security Fix(es):
-
389-ds-base: remote Denial of Service (DoS) via search filters in SetUnicodeStringFromUTF_8 in collate.c (CVE-2018-1054)
-
389-ds-base: Authentication bypass due to lack of size check in slapi_ct_memcmp function in ch_malloc.c (CVE-2017-15135)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
The CVE-2017-15135 issue was discovered by Martin Poole (Red Hat).
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 6 | i686 | 389-ds-base-libs | < 1.2.11.15-94.el6_9 | 389-ds-base-libs-1.2.11.15-94.el6_9.i686.rpm |
| RedHat | 6 | x86_64 | 389-ds-base | < 1.2.11.15-94.el6_9 | 389-ds-base-1.2.11.15-94.el6_9.x86_64.rpm |
| RedHat | 6 | i686 | 389-ds-base-devel | < 1.2.11.15-94.el6_9 | 389-ds-base-devel-1.2.11.15-94.el6_9.i686.rpm |
| RedHat | 6 | i686 | 389-ds-base-debuginfo | < 1.2.11.15-94.el6_9 | 389-ds-base-debuginfo-1.2.11.15-94.el6_9.i686.rpm |
| RedHat | 6 | x86_64 | 389-ds-base-devel | < 1.2.11.15-94.el6_9 | 389-ds-base-devel-1.2.11.15-94.el6_9.x86_64.rpm |
| RedHat | 6 | x86_64 | 389-ds-base-debuginfo | < 1.2.11.15-94.el6_9 | 389-ds-base-debuginfo-1.2.11.15-94.el6_9.x86_64.rpm |
| RedHat | 6 | i686 | 389-ds-base | < 1.2.11.15-94.el6_9 | 389-ds-base-1.2.11.15-94.el6_9.i686.rpm |
| RedHat | 6 | x86_64 | 389-ds-base-libs | < 1.2.11.15-94.el6_9 | 389-ds-base-libs-1.2.11.15-94.el6_9.x86_64.rpm |
Related
nessus
nessus
EulerOS 2.0 SP1 : 389-ds-base (EulerOS-SA-2018-1076)
2018-05-02 00:00:00
EulerOS 2.0 SP2 : 389-ds-base (EulerOS-SA-2018-1077)
2018-05-02 00:00:00
Amazon Linux 2 : 389-ds-base (ALAS-2018-980)
2018-04-18 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for 389-ds-base (EulerOS-SA-2018-1076)
2020-01-23 00:00:00
CentOS Update for 389-ds-base CESA-2018:0515 centos6
2018-03-15 00:00:00
Huawei EulerOS: Security Advisory for 389-ds-base (EulerOS-SA-2018-1077)
2020-01-23 00:00:00
amazon
amazon
Important: 389-ds-base
2018-04-05 15:55:00
Important: 389-ds-base
2018-03-21 22:56:00
centos
centos
389 security update
2018-03-10 01:08:03
389 security update
2018-03-14 14:47:19
oraclelinux
oraclelinux
389-ds-base security and bug fix update
2018-03-07 00:00:00
389-ds-base security update
2018-03-13 00:00:00
redhat
redhat
(RHSA-2018:0414) Important: 389-ds-base security and bug fix update
2018-03-06 18:37:02
redhatcve
redhatcve
CVE-2017-15135
2018-01-23 04:49:37
CVE-2018-1054
2019-10-05 08:01:51
cvelist
cvelist
CVE-2017-15135
2018-01-24 15:00:00
CVE-2018-1054
2018-03-05 00:00:00
cve
cve
CVE-2017-15135
2018-01-24 15:29:01
CVE-2018-1054
2018-03-07 13:29:00
prion
prion
Authentication flaw
2018-01-24 15:29:00
Design/Logic Flaw
2018-03-07 13:29:00
mageia
mageia
Updated 389-ds-base packages fix security vulnerability
2018-04-07 01:54:47
Updated 389-ds-base packages fix CVE-2018-1054
2018-03-07 23:37:26
Updated 389-ds-base packages fix security vulnerabilities
2019-12-25 22:08:41
f5
f5
K17597093 : 389-ds-base vulnerability CVE-2017-15135
2018-02-13 00:00:00
nvd
nvd
CVE-2017-15135
2018-01-24 15:29:01
CVE-2018-1054
2018-03-07 13:29:00
veracode
veracode
Authentication Bypass
2019-01-15 09:21:07
Denial Of Service (DoS)
2019-05-16 02:49:32
debiancve
debiancve
CVE-2017-15135
2018-01-24 15:29:01
CVE-2018-1054
2018-03-07 13:29:00
ubuntucve
ubuntucve
suse
suse
Security update for 389-ds (important)
2019-05-15 00:00:00
debian
debian
[SECURITY] [DLA 1428-1] 389-ds-base security update
2018-07-15 20:09:20
osv
osv
389-ds-base - security update
2018-07-15 00:00:00