Scientific Linux Security Update : 389-ds-base on SL7.x x86_64

Medium Nessus Plugin ID 106338

Synopsis

The remote Scientific Linux host is missing one or more security updates.

Description

Security Fix(es) :

- A stack-based buffer overflow flaw was found in the way 389-ds-base handled certain LDAP search filters. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service.
(CVE-2017-15134)

Bug Fix(es) :

- Previously, when a connection received a high operation rate, Directory Server stopped to poll the connection in certain situations. As a consequence, new requests on the connection were not detected and processed. With this update, Directory Server correctly decides whether a connection has to be polled. As a result, connections with a high request rate no longer remain unprocessed.

- Previously, if Directory Server was stopped during an operation which created additional changes in the memory changelog, the Replication Update Vector (RUV) in the changelog was higher than the RUV in the database. As a consequence, Directory Server recreated the changelog when the server started. With this update, the server now writes the highest RUV to the changelog only if there is the highest Change Sequence Number (CSN) present in it. As a result, the database and the changelog RUV are consistent and the server does not need recreating the changelog at start up.

- Due to a bug, using a large number of Class of Service (CoS) templates in Directory Server increased the virtual attribute processing time. This update improves the structure of the CoS storage. As a result, using a large number of CoS templates no longer increases the virtual attribute processing time.

Solution

Update the affected packages.

See Also

http://www.nessus.org/u?43abbc7e

Plugin Details

Severity: Medium

ID: 106338

File Name: sl_20180125_389_ds_base_on_SL7_x.nasl

Version: 1.3

Type: local

Agent: unix

Published: 2018/01/25

Modified: 2018/03/27

Dependencies: 12634

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSSv3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Vulnerability Information

CPE: x-cpe:/o:fermilab:scientific_linux

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/RedHat/release, Host/RedHat/rpm-list

Patch Publication Date: 2018/01/25

Reference Information

CVE: CVE-2017-15134