Back to bug 1381481
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Adam Mariš | 2016-10-04 09:00:30 UTC | Blocks | 1381482 | |
| Adam Mariš | 2016-10-04 09:01:10 UTC | Depends On | 1381483 | |
| Florian Weimer | 2016-10-04 09:29:49 UTC | CC | fweimer | |
| Noriko Hosoi | 2016-11-14 22:07:23 UTC | Status | NEW | POST |
| Fixed In Version | 389-ds-base 1.3.6 | 389-ds-base-1.3.6.1-1.fc26 | ||
| Tomas Hoger | 2016-11-14 22:31:16 UTC | Status | POST | NEW |
| Fixed In Version | 389-ds-base-1.3.6.1-1.fc26 | 389-ds-base 1.3.6 | ||
| Noriko Hosoi | 2017-01-06 00:54:42 UTC | CC | amaris | |
| Flags | needinfo?(amaris) | |||
| Adam Mariš | 2017-01-09 16:22:30 UTC | Flags | needinfo?(amaris) | |
| Cedric Buissart | 2017-01-17 15:11:22 UTC | Whiteboard | impact=moderate,public=20160913,reported=20161003,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cvss3=5.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,cwe=CWE-122,rhel-6/389-ds-base=notaffected,rhel-7/389-ds-base=affected,fedora-all/389-ds-base=affected | impact=moderate,public=20160913,reported=20161003,source=redhat,cvss2=2.6/AV:N/AC:H/Au:N/C:N/I:N/A:P,cvss3=5.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,cwe=CWE-122,rhel-6/389-ds-base=notaffected,rhel-7/389-ds-base=affected,fedora-all/389-ds-base=affected |
| Cedric Buissart | 2017-01-17 15:11:32 UTC | Whiteboard | impact=moderate,public=20160913,reported=20161003,source=redhat,cvss2=2.6/AV:N/AC:H/Au:N/C:N/I:N/A:P,cvss3=5.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,cwe=CWE-122,rhel-6/389-ds-base=notaffected,rhel-7/389-ds-base=affected,fedora-all/389-ds-base=affected | impact=moderate,public=20160913,reported=20161003,source=redhat,cvss2=2.6/AV:N/AC:H/Au:N/C:N/I:N/A:P,cvss3=3.7/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L,cwe=CWE-122,rhel-6/389-ds-base=notaffected,rhel-7/389-ds-base=affected,fedora-all/389-ds-base=affected |
| Cedric Buissart | 2017-01-17 15:11:39 UTC | Whiteboard | impact=moderate,public=20160913,reported=20161003,source=redhat,cvss2=2.6/AV:N/AC:H/Au:N/C:N/I:N/A:P,cvss3=3.7/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L,cwe=CWE-122,rhel-6/389-ds-base=notaffected,rhel-7/389-ds-base=affected,fedora-all/389-ds-base=affected | impact=low,public=20160913,reported=20161003,source=redhat,cvss2=2.6/AV:N/AC:H/Au:N/C:N/I:N/A:P,cvss3=3.7/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L,cwe=CWE-122,rhel-6/389-ds-base=notaffected,rhel-7/389-ds-base=affected,fedora-all/389-ds-base=affected |
| Cedric Buissart | 2017-01-17 15:11:47 UTC | Severity | medium | low |
| Cedric Buissart | 2017-01-17 15:11:54 UTC | Priority | medium | low |
| Cedric Buissart | 2017-01-17 15:30:41 UTC | CC | cbuissar | |
| Cedric Buissart | 2017-01-18 09:22:09 UTC | Doc Text | It was found that the uniqueness_entry_to_config() function, used by the "attribute uniqueness" plugin of 389 Directory Server, did not properly NULL terminate an array used in some configuration. An authenticated, or possibly unauthenticated, attacker could use this flaw to force an out-of-bound heap memory read, possibly triggering a crash of the LDAP service. | |
| Cedric Buissart | 2017-01-18 14:48:24 UTC | Alias | CVE-2017-2591 | |
| Cedric Buissart | 2017-01-18 14:48:31 UTC | Summary | 389-ds-base: Heap buffer overflow in uiduniq.c | CVE-2017-2591 389-ds-base: Heap buffer overflow in uiduniq.c |
| Cedric Buissart | 2017-01-19 10:59:15 UTC | Status | NEW | CLOSED |
| Resolution | --- | WONTFIX | ||
| Last Closed | 2017-01-19 05:59:15 UTC | |||
| Product Security DevOps Team | 2019-09-29 13:57:57 UTC | Whiteboard | impact=low,public=20160913,reported=20161003,source=redhat,cvss2=2.6/AV:N/AC:H/Au:N/C:N/I:N/A:P,cvss3=3.7/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L,cwe=CWE-122,rhel-6/389-ds-base=notaffected,rhel-7/389-ds-base=affected,fedora-all/389-ds-base=affected |
Back to bug 1381481