OpenSUSE Linux update for 389-ds

Published: 2019-05-15 22:31:07
Severity Medium
Patch available YES
Number of vulnerabilities 5
CVE ID CVE-2017-15134
CVE-2017-15135
CVE-2018-10850
CVE-2018-10935
CVE-2018-14624
CVSSv3 6.5 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
6.5 [CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:U]
7.5 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]
5.9 [CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]
6.5 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CWE ID CWE-121
CWE-287
CWE-362
CWE-20
Exploitation vector Network
Public exploit Public exploit code for vulnerability #4 is available.
Vulnerable software Opensuse
Vulnerable software versions Opensuse 15.0
Vendor URL Novell

Security Advisory

1) Stack-based buffer overflow

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to improper handling of Lightweight Directory Access Protocol (LDAP) search filters by the 389-ds-base package. A remote attacker can send a specially crafted LDAP request, trigger a stack-based buffer overflow condition and cause the ns-slapd process to crash.

Successful exploitation of the vulnerability results in denial of service.

Remediation

Update the affected packages.

External links

https://lists.opensuse.org/opensuse-security-announce/2019-05/msg00033.html

2) Improper authentication

Description

The vulnerability allows a remote unauthenticated attacker to bypass authentication on the target system.

The weakness exists due to improper handling of internal hash comparison operations. A remote attacker can bypass the authentication process.

Remediation

Update the affected packages.

External links

https://lists.opensuse.org/opensuse-security-announce/2019-05/msg00033.html

3) Race condition

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to a race condition in the way 389-ds-base handles persistent search. A remote attacker can send a specially crafted request that submits malicious input and cause the system to crash.

Remediation

Update the affected packages.

External links

https://lists.opensuse.org/opensuse-security-announce/2019-05/msg00033.html

4) Improper input validation

Description

The vulnerability allows a remote authenticated attacker to cause DoS condition on the target system.

The vulnerability exists due to improper processing of Lightweight Directory Access Protocol (LDAP) queries. A remote attacker can send execute the ldapsearch command with server-side sorting controls and cause the LDAP server to crash, resulting in a DoS condition.

Remediation

Update the affected packages.

External links

https://lists.opensuse.org/opensuse-security-announce/2019-05/msg00033.html

5) Improper input validation

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to incorrect use of the lock controlling error log when re-opening the log file in log__error_emergency(. A remote attacker can send a flood of modifications to a very large DN and cause the slapd to crash.

Remediation

Update the affected packages.

External links

https://lists.opensuse.org/opensuse-security-announce/2019-05/msg00033.html

Back to List