This script is Copyright (C) 2017 Tenable Network Security, Inc.
The remote Scientific Linux host is missing one or more security
Security Fix(es) :
- An invalid pointer dereference flaw was found in the way
389-ds-base handled LDAP bind requests. A remote
unauthenticated attacker could use this flaw to make
ns-slapd crash via a specially crafted LDAP bind
request, resulting in denial of service. (CVE-2017-2668)
Bug Fix(es) :
- Previously, when adding a filtered role definition that
uses the 'nsrole' virtual attribute in the filter,
Directory Server terminated unexpectedly. A patch has
been applied, and now the roles plug-in ignores all
virtual attributes. As a result, an error message is
logged when an invalid filter is used. Additionally, the
role is deactivated and Directory Server no longer
- In a replication topology, Directory Server incorrectly
calculated the size of string format entries when a lot
of entries were deleted. The calculated size of entries
was smaller than the actual required size. Consequently,
Directory Server allocated insufficient memory and
terminated unexpectedly when the data was written to it.
With this update, the size of string format entries is
now calculated correctly in the described situation and
Directory Server no longer terminates unexpectedly.
See also :
Update the affected packages.
Risk factor :