Amazon Linux AMI : 389-ds-base (ALAS-2013-223)
Medium Nessus Plugin ID 70227
SynopsisThe remote Amazon Linux AMI host is missing a security update.
Descriptionns-slapd in 389 Directory Server before 22.214.171.124 allows remote attackers to cause a denial of service (server crash) via a crafted Distinguished Name (DN) in a MOD operation request.
389 Directory Server does not properly restrict access to entity attributes, which allows remote authenticated users to obtain sensitive information via a search query for the attribute.
SolutionRun 'yum update 389-ds-base' to update your system.