Bug 1531573 (CVE-2017-15134)

Summary: CVE-2017-15134 389-ds-base: Remote DoS via search filters in slapi_filter_sprintf in slapd/util.c
Product: [Other] Security Response Reporter: Pedro Sampaio <psampaio>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA QA Contact:
Severity: high Docs Contact:
Priority: high    
Version: unspecifiedCC: dkholia, lkrispen, mreynolds, nkinder, rmeggins, security-response-team, vashirov, yozone
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: 389-ds-base 1.3.6.13, 389-ds-base 1.3.7.9, 389-ds-base 1.4.0.5 Doc Type: If docs needed, set a value
Doc Text:
A stack buffer overflow flaw was found in the way 389-ds-base handled certain LDAP search filters. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service.
Story Points: ---
Clone Of: Environment:
Last Closed: 2018-02-01 05:32:30 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Bug Depends On: 1534379, 1534430, 1536983    
Bug Blocks: 1531574    

Description Pedro Sampaio 2018-01-05 14:50:27 UTC
A flaw was found in 389-ds-base 1.3.6.1. Improper handling of a search filter in slapi_filter_sprintf in slapd/util.c can lead to remote server crash and denial of service.

Upstream patch:

https://pagure.io/389-ds-base/c/6aa2acdc3cad9

Comment 6 Dhiru Kholia 2018-01-22 08:25:34 UTC
Created 389-ds-base tracking bugs for this issue:

Affects: fedora-all [bug 1536983]

Comment 7 errata-xmlrpc 2018-01-25 11:30:52 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2018:0163 https://access.redhat.com/errata/RHSA-2018:0163