|
|||
Rule General Information |
---|
Release Date: | 2018-10-22 | |
Rule Name: | Red Hat 389 Directory Server Server-Side-Sort Denial of Service Vulnerability (CVE-2018-10935) | |
Severity: | ||
CVE ID: | ||
Rule Protection Details |
---|
Description: | A flaw was found in the 389 Directory Server that allows users to cause a crash in the LDAP server using ldapsearch with server side sort. | |
Impact: | An attacker can launch a denial of service attack by exploiting the vulnerability successfully. | |
Affected OS: | Network Device, Solaris, FreeBSD, Windows, Mac OS, iOS, Other Unix, Linux, Others, Android | |
Reference: | https://access.redhat.com/errata/RHSA-2018:2757 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10935 https://lists.debian.org/debian-lts-announce/2018/08/msg00032.html |
|
Solutions |
---|
For details on how to apply this update, which includes the changes described in this advisory, refer to After installing this update, the 389 server service will be restarted automatically https://access.redhat.com/articles/11258 |