389-ds-base-1.2.11.15-84.AXS4
エラータID: AXSA:2016-930:05
リリース日:
2016/11/16 Wednesday - 10:27
題名:
389-ds-base-1.2.11.15-84.AXS4
影響のあるチャネル:
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity:
Moderate
Description:
[修正内容]
以下項目について対処しました。
[Security Fix]
- 389 Directory Server には,リモートの攻撃者が RDN コンポーネントオブ
ジェクトの存在を推定する脆弱性があります。(CVE-2016-4992)
- 389 Directory Server には,リモートの攻撃者がユーザのパスワードを取
得する脆弱性があります。(CVE-2016-5405)
- 389 Directory Server には,リモートの攻撃者がデフォルトのアクセスコ
ントロール命令を読み込むことができる脆弱性があります。(CVE-2016-5416)
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2016-4992
389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to infer the existence of RDN component objects.
389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to infer the existence of RDN component objects.
CVE-2016-5405
389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to obtain user passwords.
389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to obtain user passwords.
CVE-2016-5416
389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to read the default Access Control Instructions.
389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to read the default Access Control Instructions.
追加情報:
N/A
ダウンロード:
SRPMS
- 389-ds-base-1.2.11.15-84.AXS4.src.rpm
MD5: 6a21e03cc8b98f9e95a7b7dca18cfb39
SHA-256: af42af5c7c4e5401ccfbf5dfdf2269052f732cfad9e0f5b97baf60b80616f32b
Size: 4.16 MB
Asianux Server 4 for x86
- 389-ds-base-1.2.11.15-84.AXS4.i686.rpm
MD5: 8c7a15b2b7b2f7dd8a96ad97a12443ea
SHA-256: d5a9b3bedc16a66d591f0a6017480c1faec65b05a841eaa4bd006dfcbf8906d1
Size: 1.51 MB - 389-ds-base-libs-1.2.11.15-84.AXS4.i686.rpm
MD5: 97718981f441093d81637e512bc5ec26
SHA-256: c38be64483172f8753deb4717df226624a4e64c135b2a2f282161154b8797e95
Size: 445.24 kB
Asianux Server 4 for x86_64
- 389-ds-base-1.2.11.15-84.AXS4.x86_64.rpm
MD5: 81f627b445e7676dad9208a45d4f95b3
SHA-256: 622ce4ffc0dc853abd32ab5c192c41cef4d099dd380003af2dbcb3e20d6129d8
Size: 1.52 MB - 389-ds-base-libs-1.2.11.15-84.AXS4.x86_64.rpm
MD5: 4c5cbd09bf0e6fd6f3f7a0e456ab954a
SHA-256: 544d3d5850c51a4727b32e613b48ca4293cefbf72ab13126cd612fd11b89fb86
Size: 440.18 kB - 389-ds-base-libs-1.2.11.15-84.AXS4.i686.rpm
MD5: 97718981f441093d81637e512bc5ec26
SHA-256: c38be64483172f8753deb4717df226624a4e64c135b2a2f282161154b8797e95
Size: 445.24 kB
English