![]() |
|
Date: Wed, 26 Sep 2012 09:29:27 -0600 From: Kurt Seifried <kseifried@...hat.com> To: oss-security@...ts.openwall.com CC: Jan Lieskovsky <jlieskov@...hat.com>, "Steven M. Christey" <coley@...us.mitre.org>, Noriko Hosoi <nhosoi@...hat.com>, Rich Megginson <rmeggins@...hat.com> Subject: Re: CVE Request -- 389-ds-base: Change on SLAPI_MODRDN_NEWSUPERIOR is not evaluated in ACL (ACL rules bypass possible) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 09/26/2012 03:54 AM, Jan Lieskovsky wrote: > Hello Kurt, Steve, vendors, > > Noriko Hosoi of Red Hat notified us about the following > deficiency: > > A possibility to bypass access control list (ACL) definitions was > found in the way 389 Directory Server performed LDAP modifyRDN > operation upon request from client. When a user has been granted > access to set of DN entries, but denied access to a specific subset > of those entries, it was possible the user to obtain temporary > (till next Directory Server restart) access to that subset of > entries (they should not have had otherwise ability to access) when > the DN entry was moved via database modify RDN function. > > Upstream ticket: [1] https://fedorahosted.org/389/ticket/340 > > Relevant upstream patch: [2] > http://git.fedorahosted.org/cgit/389/ds.git/commit/?id=5beb93d42efb807838c09c5fab898876876f8d09 > > Could you allocate a CVE id for this? > > Thank you && Regards, Jan. -- Jan iankko Lieskovsky / Red Hat > Security Response Team Please use CVE-2012-4450 for this issue. - -- Kurt Seifried Red Hat Security Response Team (SRT) PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iQIcBAEBAgAGBQJQYx9XAAoJEBYNRVNeJnmTKi4P/RmXXD/LOtYKBLQ0ag5TIkZ3 Ccr+18fhhvsshUF+DJccMyOozDE2BtAWM10KylFbek6FDefASl3ygTWc/8w2FwOu NaP4KFy2cm6b84M+lQL6xWZ8abL9M1PR+4MBE79pEKs5QBJXjbnxcJTAs6loJPVr b7NMRerndaJzTzSux9mTKFPYESrtWRnvdOvwALKN2Fg4pPBF06evs9P7MaNUjJnd P7tsucsqgDQBxE2Nw3efCiDfuNW4Q3YGOLgdMrKar64sbd8sbj2wIZ0ik9e6G2Hh LGCzWZc+8jX8UsZxH/U8uSyBAuV4eQVqqUxxEBUHqiErwZlx9U1vIra5vJ81hub1 QNsK0hxbKd0RqguntD1iSawsTyrELu+Bje3AMXTRB/rr/rF8n3mmDEGOhy3GH2xo OF9TGAytVbBky2oHxdbLH/KEjVZ0PHUttNdVr3nq1ukfUf6F5+gL9cNU9VktcX6D PYfljJz5jHdtr61L5rYTfwtd14RHuCFxXf0qyDMwgYQkWydUp6nubLLs/SFfiAsX +H08GKbi3Ixt8b+ms70XYqfNSmy17w1AvcyP3wqd72qwpzgII0gfTMn4upJribtc BS8yBiL6C4O6F9MpJUsMsRJPDaG35nUb6N1y+AOUhaeLRaqUwvDn/bdoliaXZqyI 5gDYrkppGv9XzPRjGNrU =EtKB -----END PGP SIGNATURE-----
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.