OpenSUSE Linux update for 389-ds
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 5 |
| CVE-ID | CVE-2017-15134 CVE-2017-15135 CVE-2018-10850 CVE-2018-10935 CVE-2018-14624 |
| CWE-ID | CWE-121 CWE-287 CWE-362 CWE-20 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #4 is available. |
| Vulnerable software Subscribe |
Opensuse Operating systems & Components / Operating system |
| Vendor | SUSE |
Security Bulletin
This security bulletin contains information about 5 vulnerabilities.
1) Stack-based buffer overflow
EUVDB-ID: #VU10254
Risk: Low
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-15134
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to improper handling of Lightweight Directory Access Protocol (LDAP) search filters by the 389-ds-base package. A remote attacker can send a specially crafted LDAP request, trigger a stack-based buffer overflow condition and cause the ns-slapd process to crash.
Successful exploitation of the vulnerability results in denial of service.
Update the affected packages.
Opensuse: 15.0
External linkshttp://lists.opensuse.org/opensuse-security-announce/2019-05/msg00033.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Improper authentication
EUVDB-ID: #VU11126
Risk: Low
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:U]
CVE-ID: CVE-2017-15135
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated attacker to bypass authentication on the target system.
The weakness exists due to improper handling of internal hash comparison operations. A remote attacker can bypass the authentication process.
Update the affected packages.
Opensuse: 15.0
External linkshttp://lists.opensuse.org/opensuse-security-announce/2019-05/msg00033.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Race condition
EUVDB-ID: #VU13395
Risk: Medium
CVSSv3.1: 7.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-10850
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists due to a race condition in the way 389-ds-base handles persistent search. A remote attacker can send a specially crafted request that submits malicious input and cause the system to crash.
MitigationUpdate the affected packages.
Opensuse: 15.0
External linkshttp://lists.opensuse.org/opensuse-security-announce/2019-05/msg00033.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Improper input validation
EUVDB-ID: #VU15529
Risk: Low
CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-10935
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to cause DoS condition on the target system.
The vulnerability exists due to improper processing of Lightweight Directory Access Protocol (LDAP) queries. A remote attacker can send execute the ldapsearch command with server-side sorting controls and cause the LDAP server to crash, resulting in a DoS condition.
MitigationUpdate the affected packages.
Opensuse: 15.0
External linkshttp://lists.opensuse.org/opensuse-security-announce/2019-05/msg00033.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
5) Improper input validation
EUVDB-ID: #VU15561
Risk: Low
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-14624
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to incorrect use of the lock controlling error log when re-opening the log file in log__error_emergency(. A remote attacker can send a flood of modifications to a very large DN and cause the slapd to crash.
Update the affected packages.
Opensuse: 15.0
External linkshttp://lists.opensuse.org/opensuse-security-announce/2019-05/msg00033.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
