Date: Wed, 18 Jan 2017 16:22:20 +0100 From: Cedric Buissart <cbuissar@...hat.com> To: oss-security@...ts.openwall.com Subject: CVE-2017-2591 389 Directory Server: DoS via OOB heap read in "attribute uniqueness" plugin Hi, This is to disclose the following CVE: CVE-2017-2591 389 Directory Server: DoS via OOB heap read Description : The "attribute uniqueness" plugin did not properly NULL-terminate an array when building up its configuration, if a so called 'old-style' configuration, was being used (Using nsslapd-pluginarg<X> parameters) . A attacker, authenticated, but possibly also unauthenticated, could possibly force the plugin to read beyond allocated memory and trigger a segfault. The crash could also possibly be triggered accidentally. Upstream patch : https://fedorahosted.org/389/changeset/ffda694dd622b31277da07be76d3469fad86150f/ Affected versions : from 22.214.171.124 Fixed version : 1.3.6 Impact: Low CVSS3 scoring : 3.7 -- CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Upstream bug report : https://fedorahosted.org/389/ticket/48986 Best Regards, -- Cedric Buissart, Product Security
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ