Red Hat 389-ds-base CVE-2017-2668 Remote Denial of Service Vulnerability

Red Hat 389-ds-base is prone to a remote denial-of-service vulnerability.

An attacker can exploit this issue to crash the affected application, resulting in denial-of-service conditions.

Information

Bugtraq ID: 97524
Class: Input Validation Error
CVE: CVE-2017-2668

Remote: Yes
Local: No
Published: Apr 10 2017 12:00AM
Updated: Apr 14 2017 12:06AM
Credit: Joachim Jabs
Vulnerable: Redhat Enterprise Linux Workstation Optional 6
Redhat Enterprise Linux Workstation 7
Redhat Enterprise Linux Workstation 6
Redhat Enterprise Linux Server TUS 7.3
Redhat Enterprise Linux Server Optional 6
Redhat Enterprise Linux Server 7
Redhat Enterprise Linux Server 6
Redhat Enterprise Linux HPC Node Optional 6
Redhat Enterprise Linux HPC Node 7
Redhat Enterprise Linux Desktop Optional 6
Redhat Enterprise Linux Desktop 7
Redhat 389-ds-base 0
Oracle Enterprise Linux 6.2
Oracle Enterprise Linux 6
CentOS CentOS 6

Not Vulnerable:

References:

• 389 Directory Server Homepage (389 Directory Server)
  
• CVE-2017-2668 389-ds-base: Remote crash via crafted LDAP messages (Red Hat)
  
• Red Hat Homepage (Red Hat)
  
• RHSA-2017:0920: 389-ds-base security and bug fix update (Red Hat)
  

Source: www.securityfocus.com