Amazon Linux AMI : 389-ds-base (ALAS-2018-955)
High Nessus Plugin ID 106932
SynopsisThe remote Amazon Linux AMI host is missing a security update.
DescriptionRemote DoS via search filters in slapi_filter_sprintf in slapd/util.c
A stack buffer overflow flaw was found in the way 389-ds-base handled certain LDAP search filters. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service.(CVE-2017-15134)
SolutionRun 'yum update 389-ds-base' to update your system.