Detections
Analytics

Fedora 21 : 389-ds-base-1.3.3.13-1.fc21 (2015-15128)

high Nessus Plugin ID 86319

Language:

Synopsis

The remote Fedora host is missing a security update.

Description

389-ds-base-1.3.3.13-1.fc21 - release 1.3.3.13 - Ticket 48265 - Complex filter in a search request doen't work as expected.
(regression) - Ticket 47981

 - COS cache doesn't properly mark vattr cache as invalid when there are multiple suffixes - Ticket 48252 - db2index creates index entry from deleted records - Ticket 48228 - wrong password check if passwordInHistory is decreased. - Ticket 48252 - db2index creates index entry from deleted records - Ticket 48254 - CLI db2index fails with usage errors - Ticket 47831 - remove debug logging from retro cl - Ticket 48245 - Man pages and help for remove-ds.pl doesn't display '-a' option - Ticket 47931 - Fix coverity issues - Ticket 47931 - memberOf & retrocl deadlocks - Ticket 48228 - wrong password check if passwordInHistory is decreased. - Ticket 48215 - update dbverify usage in main.c - Ticket 48215 - update dbverify usage - Ticket 48215 - verify_db.pl doesn't verify DB specified by -a option - Ticket 47810 - memberOf plugin not properly rejecting updates - Ticket 48231 - logconv autobind handling regression caused by 47446 - Ticket 48232 - winsync lastlogon attribute not syncing between DS and AD. - Ticket 48206 - Crash during retro changelog trimming - Ticket 48224 - redux 2 - logconv.pl should handle
 *.tar.xz, *.txz, *.xz log files - Ticket 48226 - In MMR, double free coould occur under some special condition - Ticket 48224 - redux - logconv.pl should handle
 *.tar.xz, *.txz, *.xz log files - Ticket 48224

 - redux - logconv.pl should handle *.tar.xz, *.txz, *.xz log files - Ticket 48224 - logconv.pl should handle
 *.tar.xz, *.txz, *.xz log files - Ticket 48192

 - Individual abandoned simple paged results request has no chance to be cleaned up - Ticket 48212 - Dynamic nsMatchingRule changes had no effect on the attrinfo thus following reindexing, as well. - Ticket 48195 - Slow replication when deleting large quantities of multi-valued attributes - Ticket 48175 - Avoid using regex in ACL if possible

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Update the affected 389-ds-base package.

See Also

https://bugzilla.redhat.com/show_bug.cgi?id=1232896

http://www.nessus.org/u?647b290f

Plugin Details

Severity: High

ID: 86319

File Name: fedora_2015-15128.nasl

Version: 1.5

Type: local

Agent: unix

Published: 10/9/2015

Updated: 1/11/2021

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.3

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:389-ds-base, cpe:/o:fedoraproject:fedora:21

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Patch Publication Date: 10/8/2015

Reference Information

CVE: CVE-2015-3230

FEDORA: 2015-15128