Endpoint Vulnerability

RHSA-2019:1896: 389-ds-base security and bug fix update (Moderate)

Description

389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration. Security Fix(es): * 389-ds-base: DoS via hanging secured connections (CVE-2019-3883) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Previously, if you were using the PAM plugin and attempted to bind as a dn that doesn't exist, the server would crash. This has now been fixed. (BZ#1718184)

Affected Products

389-ds-base

References

CVE-2019-3883,