A stack buffer overflow flaw was found in 389 Directory Server. The checkPrefix() function in pw.c copies an attacker-controlled algorithm ID into a 256-byte stack buffer without bounds checking when parsing reversible-encrypted attribute values. An attacker with Directory Manager privileges can crash the LDAP server by storing a crafted credential with an oversized algorithm ID. FORTIFY_SOURCE mitigates this to denial of service only.
{
"binaries": [
{
"binary_name": "389-ds",
"binary_version": "2.0.15-1ubuntu2"
},
{
"binary_name": "389-ds-base",
"binary_version": "2.0.15-1ubuntu2"
},
{
"binary_name": "389-ds-base-libs",
"binary_version": "2.0.15-1ubuntu2"
},
{
"binary_name": "cockpit-389-ds",
"binary_version": "2.0.15-1ubuntu2"
},
{
"binary_name": "python3-lib389",
"binary_version": "2.0.15-1ubuntu2"
}
]
}{
"binaries": [
{
"binary_name": "389-ds",
"binary_version": "2.4.5+dfsg1-1"
},
{
"binary_name": "389-ds-base",
"binary_version": "2.4.5+dfsg1-1"
},
{
"binary_name": "389-ds-base-libs",
"binary_version": "2.4.5+dfsg1-1"
},
{
"binary_name": "cockpit-389-ds",
"binary_version": "2.4.5+dfsg1-1"
},
{
"binary_name": "python3-lib389",
"binary_version": "2.4.5+dfsg1-1"
}
]
}{
"binaries": [
{
"binary_name": "389-ds",
"binary_version": "3.1.2+dfsg1-1"
},
{
"binary_name": "389-ds-base",
"binary_version": "3.1.2+dfsg1-1"
},
{
"binary_name": "389-ds-base-libs",
"binary_version": "3.1.2+dfsg1-1"
},
{
"binary_name": "cockpit-389-ds",
"binary_version": "3.1.2+dfsg1-1"
},
{
"binary_name": "python3-lib389",
"binary_version": "3.1.2+dfsg1-1"
}
]
}{
"binaries": [
{
"binary_name": "389-ds",
"binary_version": "3.1.2+vendor1-2"
},
{
"binary_name": "389-ds-base",
"binary_version": "3.1.2+vendor1-2"
},
{
"binary_name": "389-ds-base-libs",
"binary_version": "3.1.2+vendor1-2"
},
{
"binary_name": "cockpit-389-ds",
"binary_version": "3.1.2+vendor1-2"
},
{
"binary_name": "python3-lib389",
"binary_version": "3.1.2+vendor1-2"
}
]
}{
"binaries": [
{
"binary_name": "389-ds",
"binary_version": "1.3.7.10-1ubuntu1+esm1"
},
{
"binary_name": "389-ds-base",
"binary_version": "1.3.7.10-1ubuntu1+esm1"
},
{
"binary_name": "389-ds-base-libs",
"binary_version": "1.3.7.10-1ubuntu1+esm1"
},
{
"binary_name": "python3-dirsrvtests",
"binary_version": "1.3.7.10-1ubuntu1+esm1"
},
{
"binary_name": "python3-lib389",
"binary_version": "1.3.7.10-1ubuntu1+esm1"
}
]
}{
"binaries": [
{
"binary_name": "389-ds",
"binary_version": "1.4.3.6-2ubuntu0.1~esm1"
},
{
"binary_name": "389-ds-base",
"binary_version": "1.4.3.6-2ubuntu0.1~esm1"
},
{
"binary_name": "389-ds-base-libs",
"binary_version": "1.4.3.6-2ubuntu0.1~esm1"
},
{
"binary_name": "cockpit-389-ds",
"binary_version": "1.4.3.6-2ubuntu0.1~esm1"
},
{
"binary_name": "python3-lib389",
"binary_version": "1.4.3.6-2ubuntu0.1~esm1"
}
]
}