Date: Wed, 18 Jan 2017 16:22:20 +0100 From: Cedric Buissart <cbuissar@...hat.com> To: oss-security@...ts.openwall.com Subject: CVE-2017-2591 389 Directory Server: DoS via OOB heap read in "attribute uniqueness" plugin Hi, This is to disclose the following CVE: CVE-2017-2591 389 Directory Server: DoS via OOB heap read Description : The "attribute uniqueness" plugin did not properly NULL-terminate an array when building up its configuration, if a so called 'old-style' configuration, was being used (Using nsslapd-pluginarg<X> parameters) . A attacker, authenticated, but possibly also unauthenticated, could possibly force the plugin to read beyond allocated memory and trigger a segfault. The crash could also possibly be triggered accidentally. Upstream patch : https://fedorahosted.org/389/changeset/ffda694dd622b31277da07be76d3469fad86150f/ Affected versions : from 22.214.171.124 Fixed version : 1.3.6 Impact: Low CVSS3 scoring : 3.7 -- CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Upstream bug report : https://fedorahosted.org/389/ticket/48986 Best Regards, -- Cedric Buissart, Product Security
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.