Low: 389-ds-base security and bug fix update

Related Vulnerabilities: CVE-2013-1897

Synopsis

Low: 389-ds-base security and bug fix update

Type/Severity

Security Advisory: Low

Topic

Updated 389-ds-base packages that fix one security issue and several bugs
are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having low
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.

Description

The 389 Directory Server is an LDAPv3 compliant server. The base packages
include the Lightweight Directory Access Protocol (LDAP) server and
command-line utilities for server administration.

It was found that the 389 Directory Server did not properly restrict access
to entries when the "nsslapd-allow-anonymous-access" configuration setting
was set to "rootdse". An anonymous user could connect to the LDAP database
and, if the search scope is set to BASE, obtain access to information
outside of the rootDSE. (CVE-2013-1897)

This issue was discovered by Martin Kosek of Red Hat.
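The access decision described above, as an added illustrative model (not 389-ds-base source code): with nsslapd-allow-anonymous-access set to "rootdse", only the empty-DN root DSE should be readable without a bind, and the flawed behaviour accepted any BASE-scope search regardless of its base DN. The on/off/rootdse value handling, the SearchRequest type and the sample requests are assumptions constructed for the model.

```python
# Illustrative model (not 389-ds-base source) of the anonymous-access decision
# described for CVE-2013-1897: with nsslapd-allow-anonymous-access set to
# "rootdse", unauthenticated connections should be able to read only the root DSE.
from dataclasses import dataclass

ROOT_DSE = ""          # the root DSE is the entry with the empty DN
SCOPE_BASE = "base"
SCOPE_SUB = "sub"

@dataclass(frozen=True)
class SearchRequest:
    anonymous: bool   # True when the connection has no authenticated bind
    base_dn: str      # search base; "" addresses the root DSE
    scope: str        # "base", "one" or "sub"

def allowed_before_fix(setting: str, req: SearchRequest) -> bool:
    """Flawed behaviour (constructed model): under 'rootdse' an anonymous
    BASE-scope search was accepted whatever its base DN was."""
    if not req.anonymous or setting == "on":
        return True
    if setting == "off":
        return False
    # setting == "rootdse": only the scope was checked, not the base DN
    return req.scope == SCOPE_BASE

def allowed_after_fix(setting: str, req: SearchRequest) -> bool:
    """Corrected behaviour: anonymous access under 'rootdse' requires both
    BASE scope and the root DSE as the search base."""
    if not req.anonymous or setting == "on":
        return True
    if setting == "off":
        return False
    return req.scope == SCOPE_BASE and req.base_dn == ROOT_DSE

def exposed(setting: str, requests):
    """Requests the flawed model accepts but the fixed one rejects: the
    information exposure a defender wants to confirm is closed after updating."""
    return [r for r in requests
            if allowed_before_fix(setting, r) and not allowed_after_fix(setting, r)]

# Constructed sample requests, e.g. what a regression test would replay.
SAMPLE = [
    SearchRequest(True, ROOT_DSE, SCOPE_BASE),              # legitimate root DSE read
    SearchRequest(True, "uid=alice,ou=people,dc=example,dc=com", SCOPE_BASE),
    SearchRequest(True, "dc=example,dc=com", SCOPE_SUB),
    SearchRequest(False, "dc=example,dc=com", SCOPE_SUB),   # authenticated bind
]
```

`exposed("rootdse", SAMPLE)` returns only the anonymous BASE-scope read of the user entry, which is exactly the case the fixed decision now refuses.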

This update also fixes the following bugs:

  • Previously, the schema-reload plug-in was not thread-safe. Consequently,
    executing the schema-reload.pl script under heavy load could have caused
    the ns-slapd process to terminate unexpectedly with a segmentation fault.
    With this update, the schema-reload plug-in has been redesigned to be
    thread-safe, and the schema-reload.pl script can be executed alongside
    other LDAP operations. (BZ#929107)
  • In some cases, a local variable going out of scope caused the modrdn
    operation to terminate unexpectedly with a segmentation fault. This update
    declares the local variable at the proper place in the function so that it
    does not go out of scope, and the modrdn operation no longer crashes.
    (BZ#929111)
  • The cleanAllRUV task manually constructed the exact value to be removed
    from the configuration when the "replica-force-cleaning" option was used.
    Consequently, the task configuration was not cleaned up on completion, and
    the task restarted every time the server was restarted. This update searches
    the configuration for the exact value to delete, instead of manually
    building the value, so the task no longer restarts when the server is
    restarted. (BZ#929114)
  • Previously, a NULL pointer dereference could have occurred when
    attempting to get effective rights on an entry that did not exist, leading
    to an unexpected termination due to a segmentation fault. This update
    checks for NULL entry pointers and returns the appropriate error. Now,
    attempts to get effective rights on an entry that does not exist no longer
    cause crashes, and the server returns the appropriate error message.
    (BZ#929115)
  • A problem in the lock timing in the DNA plug-in caused a deadlock if the
    DNA operation was executed with other plug-ins. This update moves the
    release timing of the problematic lock, and the DNA plug-in does not cause
    the deadlock. (BZ#929196)

All 389-ds-base users are advised to upgrade to these updated packages,
which contain backported patches to correct these issues. After installing
this update, the 389 server service will be restarted automatically.

Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

Affected Products

  • Red Hat Enterprise Linux Server 6 x86_64
  • Red Hat Enterprise Linux Server 6 i386
  • Red Hat Enterprise Linux Server - Extended Update Support 6.4 x86_64
  • Red Hat Enterprise Linux Server - Extended Update Support 6.4 i386
  • Red Hat Enterprise Linux Workstation 6 x86_64
  • Red Hat Enterprise Linux Workstation 6 i386
  • Red Hat Enterprise Linux Desktop 6 x86_64
  • Red Hat Enterprise Linux Desktop 6 i386
  • Red Hat Enterprise Linux for Scientific Computing 6 x86_64
  • Red Hat Enterprise Linux Server from RHUI 6 x86_64
  • Red Hat Enterprise Linux Server from RHUI 6 i386
  • Red Hat Enterprise Linux Server - Extended Update Support from RHUI 6.4 x86_64
  • Red Hat Enterprise Linux Server - Extended Update Support from RHUI 6.4 i386
  • Red Hat Gluster Storage Server for On-premise 2.1 x86_64
  • Red Hat Storage for Public Cloud (via RHUI) 2.1 x86_64
  • Red Hat Enterprise Linux Server - AUS 6.4 x86_64

Fixes

  • BZ - 928105 - CVE-2013-1897 389-ds: unintended information exposure when rootdse is enabled
  • BZ - 929111 - Crash in MODRDN
  • BZ - 929114 - cleanAllRUV task fails to cleanup config upon completion
  • BZ - 929115 - crash in aci evaluation

CVEs

References