Scientific Linux: SLSA-2014:1031-1 Critical: 389-ds-base Info Disclosure

Aug 07, 2014 •

LinuxSecurity Advisories

1 - 2 min read

Scientific Large Esm H500

Topics Covered

security advisory critical information disclosure 389-ds-base Scientific Linux

Important: 389-ds-base security update

Date: Thu, 7 Aug 2014 19:24:28 +0000
Reply-To: scientific-linux-users@
Sender: Security Errata for Scientific Linux
 
From: Pat Riehecky 
Subject: Security ERRATA Important: 389-ds-base on SL6.x i386/x86_64
MIME-Version: 1.0

Synopsis: Important: 389-ds-base security update
Advisory ID: SLSA-2014:1031-1
Issue Date: 2014-08-07
CVE Numbers: CVE-2014-3562
--

It was found that when replication was enabled for each attribute in 389
Directory Server, which is the default configuration, the server returned
replicated metadata when the directory was searched while debugging was
enabled. A remote attacker could use this flaw to disclose potentially
sensitive information. (CVE-2014-3562)

After installing this update, the 389 server service will be restarted
automatically.
--

SL6
 x86_64
 389-ds-base-1.2.11.15-34.el6_5.x86_64.rpm
 389-ds-base-debuginfo-1.2.11.15-34.el6_5.i686.rpm
 389-ds-base-debuginfo-1.2.11.15-34.el6_5.x86_64.rpm
 389-ds-base-devel-1.2.11.15-34.el6_5.i686.rpm
 389-ds-base-devel-1.2.11.15-34.el6_5.x86_64.rpm
 389-ds-base-libs-1.2.11.15-34.el6_5.i686.rpm
 389-ds-base-libs-1.2.11.15-34.el6_5.x86_64.rpm
 i386
 389-ds-base-1.2.11.15-34.el6_5.i686.rpm
 389-ds-base-debuginfo-1.2.11.15-34.el6_5.i686.rpm
 389-ds-base-devel-1.2.11.15-34.el6_5.i686.rpm
 389-ds-base-libs-1.2.11.15-34.el6_5.i686.rpm

- Scientific Linux Development Team

Powered By

Linux Security Footer

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Your message here