CVE-2017-15134

Priority
Description
A stack buffer overflow flaw was found in the way 389-ds-base 1.3.6.x
before 1.3.6.13, 1.3.7.x before 1.3.7.9, 1.4.x before 1.4.0.5 handled
certain LDAP search filters. A remote, unauthenticated attacker could
potentially use this flaw to make ns-slapd crash via a specially crafted
LDAP request, thus resulting in denial of service.
Package
Upstream:released (1.3.7.9-1, 1.4.0.5)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was needed)
Ubuntu 16.04 LTS (Xenial Xerus):needed
Ubuntu 18.04 LTS (Bionic Beaver):released (1.3.7.9-1)
Ubuntu 19.04 (Disco Dingo):not-affected (1.4.0.18-1)
Ubuntu 19.10 (Eoan):not-affected (1.4.0.18-1)
Patches:
Other:https://pagure.io/389-ds-base/c/6aa2acdc3cad97ebec2a6d59d479a15e89bbb3a0
More Information

Updated: 2019-09-19 14:37:25 UTC (commit d32ebc32606b9517c6fa7d65a15441e2a57a6de5)