Oracle Linux 6 : 389-ds-base (ELSA-2012-0813)

high Nessus Plugin ID 68552

Synopsis

The remote Oracle Linux host is missing a security update.

Description

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2012-0813 advisory.

[1.2.10.2-15]
- Resolves: Bug 824014 - DS Shuts down intermittently

[1.2.10.2-14]
- Resolves: Bug 819643 - Database RUV could mismatch the one in changelog under the stress
-- patch 0015 fixes a small memleak in previous patch

[1.2.10.2-13]
- Resolves: Bug 822700 - Bad DNs in ACIs can segfault ns-slapd

[1.2.10.2-12]
- Resolves: Bug 819643 - Database RUV could mismatch the one in changelog under the stress
- Resolves: Bug 821542 - letters in object's cn get converted to lowercase when renaming object

[1.2.10.2-11]
- Resolves: Bug 819643 - Database RUV could mismatch the one in changelog under the stress
- 1.2.10.2-10 was built from the private branch

[1.2.10.2-10]
- Resolves: Bug 819643 - Database RUV could mismatch the one in changelog under the stress

[1.2.10.2-9]
- Resolves: Bug 815991 - crash in ldap_initialize with multiple threads
- previous fix was still crashing in ldclt

[1.2.10.2-8]
- Resolves: Bug 815991 - crash in ldap_initialize with multiple threads

[1.2.10.2-7]
- Resolves: Bug 813964 - IPA dirsvr seg-fault during system longevity test

[1.2.10.2-6]
- Resolves: Bug 811291 - [abrt] 389-ds-base-1.2.10.4-2.fc16: index_range_read_ext: Process /usr/sbin/ns-slapd was killed by signal 11 (SIGSEGV)
- typo in previous patch

[1.2.10.2-5]
- Resolves: Bug 811291 - [abrt] 389-ds-base-1.2.10.4-2.fc16: index_range_read_ext: Process /usr/sbin/ns-slapd was killed by signal 11 (SIGSEGV)

[1.2.10.2-4]
- Resolves: Bug 803930 - ipa not starting after upgrade because of missing data
- get rid of posttrans - move update code to post

[1.2.10.2-3]
- Resolves: Bug 800215 - Certain CMP operations hang or cause ns-slapd to crash

[1.2.10.2-2]
- Resolves: Bug 800215 - Certain CMP operations hang or cause ns-slapd to crash
- Resolves: Bug 800217 - fix valgrind reported issues

[1.2.10.2-1]
- Resolves: Bug 766989 - Rebase 389-ds-base to 1.2.10
- Resolves: Bug 796770 - crash when replicating orphaned tombstone entry

[1.2.10.1-1]
- Resolves: Bug 766989 - Rebase 389-ds-base to 1.2.10
- Resolves: Bug 790491 - 389 DS Segfaults during replica install in FreeIPA

[1.2.10.0-1]
- Resolves: Bug 766989 - Rebase 389-ds-base to 1.2.10

[1.2.10-0.11.rc2]
- Resolves: Bug 766989 - Rebase 389-ds-base to 1.2.10

[1.2.9.16-1]
- Bug 759301 - Incorrect entryUSN index under high load in replicated environment
- Bug 743979 - Add slapi_rwlock API and use POSIX rwlocks
- WARNING - patches 0030 and 0031 remove and add back the file configure
- this is necessary because the merge commit to rebase RHEL-6 to 1.2.9.6
- seriously messed up configure - so in order to add the patch for 743979
- which also touched configure, the file had to be removed and added back
- also note that the commit for the RHEL-6 branch to remove configure does
- not work - the way patch works, it has to match every line exactly in
- order to remove the file, and because the merge commit messed things
- up, it doesn't work
- So, DO NOT TOUCH 0030-remove-configure-to-get-rid-of-merge-conflict.patch
- BECAUSE IT IS HAND CRAFTED and not generated by git format-patch
- if you must regenerate this file,
- git format-patch ...args... to generate a file in patch format
- remove all of the patch matches (all the lines beginning with -)
- get the 1.2.9.6 version of configure from the source tarball
- wc -l configure to get the number of lines in the file
- sed 's/^/-/' configure >> thefile.patch
- edit thefile.patch to have the right number of lines and have the
- patch commands in the correct place
- PROFIT!!!

[1.2.9.15-1]
- Bug 752577 - crash when simple paged fails to send entry to client
- Bug 757897 - rhds81 modrn operation and 100% cpu use in replication
- Bug 757898 - Fix Coverity (11104) Resource leak: ids_sasl_user_to_entry (slapd/saslbind.c)

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected 389-ds-base, 389-ds-base-devel and / or 389-ds-base-libs packages.

See Also

https://linux.oracle.com/errata/ELSA-2012-0813.html

Plugin Details

Severity: High

ID: 68552

File Name: oraclelinux_ELSA-2012-0813.nasl

Version: 1.8

Type: local

Agent: unix

Published: 7/12/2013

Updated: 10/22/2024

Supported Sensors: Continuous Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Low

Base Score: 2.3

Temporal Score: 1.8

Vector: CVSS2#AV:A/AC:M/Au:S/C:N/I:N/A:P

CVSS Score Source: CVE-2012-0833

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:oracle:linux:389-ds-base-devel, p-cpe:/a:oracle:linux:389-ds-base, cpe:/o:oracle:linux:6, p-cpe:/a:oracle:linux:389-ds-base-libs

Required KB Items: Host/local_checks_enabled, Host/OracleLinux, Host/RedHat/release, Host/RedHat/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 7/2/2012

Vulnerability Publication Date: 7/3/2012

Reference Information

CVE: CVE-2012-0833

BID: 52044

RHSA: 2012:0813