Scientific Linux Security Update : 389-ds-base on SL7.x x86_64

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The remote Scientific Linux host is missing one or more security
updates.

Description :

An infinite-loop vulnerability was discovered in the 389 directory
server, where the server failed to correctly handle unexpectedly
closed client connections. A remote attacker able to connect to the
server could use this flaw to make the directory server consume an
excessive amount of CPU and stop accepting connections (denial of
service). (CVE-2016-0741)

This update fixes the following bugs :

- Previously, if a simple paged results search failed in
the back end, the simple paged results slot was not
released. Consequently, the simple paged results slots
in a connection object could be accumulated. With this
update, the simple paged results slot is released
correctly when a search fails, and unused simple paged
results slots are no longer left in a connection object.

- Previously, when several values of the same attribute
were deleted using the ldapmodify command, and at least
one of them was added again during the same operation,
the equality index was not updated. As a consequence, an
exact search for the re-added attribute value did not
return the entry. The logic of the index code has been
modified to update the index if at least one of the
values in the entry changes, and the exact search for
the re-added attribute value now returns the correct
entry.

- Prior to this update, when the cleanAllRUV task was
running, a bogus attrlist_replace error message was
logged repeatedly due to a memory corruption. With this
update, the appropriate memory copy function memmove is
used, which fixes the memory corruption. As a result,
the error messages are no longer logged in this
scenario.

- To fix a simple paged results bug, an exclusive lock on
a connection was previously added. This consequently
caused a self deadlock in a particular case. With this
update, the exclusive lock on a connection has been
changed to the re-entrant type, and the self deadlock no
longer occurs.

- Previously, an unnecessary lock was sometimes acquired
on a connection object, which could consequently cause a
deadlock. A patch has been applied to remove the
unnecessary locking, and the deadlock no longer occurs.

After installing this update, the 389 server service will be restarted
automatically.

See also :

http://www.nessus.org/u?4fc3c5d8

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)

Family: Scientific Linux Local Security Checks

Nessus Plugin ID: 88795 ()

Bugtraq ID:

CVE ID: CVE-2016-0741

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now