SUSE SLES15 Security Update : 389-ds (SUSE-SU-2026:1753-1)

high Nessus Plugin ID 313635

Synopsis

The remote SUSE host is missing a security update.

Description

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1753-1 advisory.

Update to version 2.0.20~git89.937b1f291.

Security issues fixed:

- CVE-2025-14905: heap buffer overflow due to improper size calculation in `schema_attr_enum_callback` callback (bsc#1258727).

Other updates and bugfixes:

- Issue 7224 - CI Test - Simplify `test_reserve_descriptor_validation` (#7225).
- Issue 7189 - DSBLE0007 generates incorrect remediation commands for scan limits.
- Issue 7172 - (2nd) Index ordering mismatch after upgrade (#7180).
- Issue 7172 - Index ordering mismatch after upgrade (#7173).
- Issue 7096 - During replication online total init the function `idl_id_is_in_idlist` is not scaling with large database (#7145).
- Issue 7091 - Duplicate local password policy entries listed (#7092).
- Issue 7124 - BDB cursor race condition with transaction isolation (#7125).
- Issue 7121 - LeakSanitizer: various leaks during replication (#7122).
- Issue 7115 - LeakSanitizer: leak in `slapd_bind_local_user()` (#7116).
- Issue 7109 - AddressSanitizer: SEGV `ldap/servers/slapd/csnset.c:302` in `csnset_dup` (#7114).
- Issue 7056 - DSBLE0007 doesn't generate remediation steps for missing indexes.
- Issue 6846 - Attribute uniqueness is not enforced with modrdn (#7026).
- Issue 7055 - Online initialization of consumers fails with error `-23` (#7075).
- Issue 7065 - A search filter containing a non normalized DN assertion does not return matching entries (#7068).
- Issue 7032 - The new ipahealthcheck test `ipahealthcheck.ds.backends.BackendsCheck` raises CRITICAL issue (#7036).
- Issue 6966 - On large DB, unlimited IDL scan limit reduce the SRCH performance (#6967).
- Issue 6848 - AddressSanitizer: leak in `do_search`.
- Issue 6928 - The `parentId` attribute is indexed with improper matching rule.
- Issue 6933 - When deferred `memberof` update is enabled after the server crashed it should not launch memberof fixup task by default (#6935).
- Issue 6929 - Compilation failure with `rust-1.89` on Fedora ELN.
- Issue 6859 - `str2filter` is not fully applying matching rules.
- Issue 6857 - `uiduniq`: allow specifying match rules in the filter.
- Issue 6893 - Log user that is updated during password modify extended operation.
- Issue 6680 - instance read-only mode is broken (#6681).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected 389-ds, 389-ds-devel, lib389 and / or libsvrcore0 packages.

See Also

https://bugzilla.suse.com/1258727

https://lists.suse.com/pipermail/sle-updates/2026-May/046310.html

https://www.suse.com/security/cve/CVE-2025-14905

Plugin Details

Severity: High

ID: 313635

File Name: suse_SU-2026-1753-1.nasl

Version: 1.1

Type: Local

Agent: unix

Published: 5/10/2026

Updated: 5/10/2026

Supported Sensors: Nessus Agent, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 8.3

Temporal Score: 6.1

Vector: CVSS2#AV:N/AC:L/Au:M/C:C/I:C/A:C

CVSS Score Source: CVE-2025-14905

CVSS v3

Risk Factor: High

Base Score: 7.2

Temporal Score: 6.3

Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:libsvrcore0, p-cpe:/a:novell:suse_linux:389-ds-devel, p-cpe:/a:novell:suse_linux:389-ds, p-cpe:/a:novell:suse_linux:lib389, cpe:/o:novell:suse_linux:15

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 5/7/2026

Vulnerability Publication Date: 2/23/2026

Reference Information

CVE: CVE-2025-14905

SuSE: SUSE-SU-2026:1753-1