First published: Tue Feb 22 2011
Red Hat Directory Server is an LDAPv3-compliant directory server. The redhat-ds-base package includes the LDAP server and command line utilities for server administration.

A flaw was found in the way Red Hat Directory Server handled simple paged result searches. If an unauthenticated user were able to send multiple simple paged search requests to Directory Server, it could cause the server to crash. (CVE-2011-0019)

When multiple Red Hat Directory Server instances were configured on the system to run under different unprivileged users, the Directory Server setup scripts set insecure permissions on the /var/run/dirsrv/ directory, which stores process ID (pid) files. A local user could use this flaw to manipulate the pid files in that directory, possibly preventing Directory Server instances from starting correctly, or causing the Directory Server init script to kill an arbitrary process when shutting down Directory Server. (CVE-2011-0022)

It was found that multiple scripts shipped with Red Hat Directory Server set the LD_LIBRARY_PATH environment variable to an insecure value containing an empty path. A local user able to trick a user running those scripts (usually the root user) to run them while working from an attacker-writable directory could use this flaw to escalate their privileges via a specially-crafted dynamic library. (CVE-2011-0532)

All Red Hat Directory Server users should upgrade to these updated packages, which correct these issues. After installing the updated packages, the dirsrv daemon must be restarted ("service dirsrv restart") for the update to take effect.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/redhat-ds-admin | <8.2.1-1.el5d | 8.2.1-1.el5d |
| redhat/redhat-ds-base | <8.2.4-1.el5d | 8.2.4-1.el5d |
| redhat/redhat-ds-base-devel | <8.2.4-1.el5d | 8.2.4-1.el5d |
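Two of the conditions described above, an LD_LIBRARY_PATH value with an empty element (CVE-2011-0532) and a pid directory that local users can write to (CVE-2011-0022), can be audited on a host with the POSIX shell helpers below. This is an added example, not code from the advisory or the redhat-ds packages; it assumes that an unguarded `:$LD_LIBRARY_PATH` append is a typical way the empty element arises, and that "insecure permissions" on /var/run/dirsrv/ means a world-writable directory, neither of which the advisory states.

```shell
#!/bin/sh
# Added example (not from the advisory or the redhat-ds packages): audit helpers
# for the LD_LIBRARY_PATH and pid-directory issues described in the advisory.

# has_empty_path_component VALUE: succeeds when a colon-separated search path
# has an empty element (leading ":", trailing ":" or "::"), which the dynamic
# loader resolves as the current directory: the CVE-2011-0532 condition.
# A completely empty value is treated as unset and is not flagged.
has_empty_path_component() {
    case "$1" in
        "")         return 1 ;;
        :*|*:|*::*) return 0 ;;
        *)          return 1 ;;
    esac
}

# appends_unset_ldpath VALUE: succeeds when VALUE appends the previous
# LD_LIBRARY_PATH without guarding against it being unset, which yields a
# trailing ":" at run time (assumed common cause, not stated in the advisory).
appends_unset_ldpath() {
    case "$1" in
        *':$LD_LIBRARY_PATH'|*':${LD_LIBRARY_PATH}') return 0 ;;
        *) return 1 ;;
    esac
}

# scan_ldpath_assignments FILE: prints each LD_LIBRARY_PATH assignment in a
# shell script that fails either check above; succeeds if anything was flagged.
# Heuristic: the value is read up to the first space or ';', quotes removed.
scan_ldpath_assignments() {
    found=1
    while IFS= read -r line; do
        case "$line" in *LD_LIBRARY_PATH=*) ;; *) continue ;; esac
        value=${line#*LD_LIBRARY_PATH=}
        value=${value%%[ ;]*}
        value=$(printf '%s' "$value" | tr -d "\"'")
        if has_empty_path_component "$value" || appends_unset_ldpath "$value"; then
            printf 'insecure: %s\n' "$line"
            found=0
        fi
    done < "$1"
    return $found
}

# pid_dir_is_insecure DIR: succeeds when DIR exists and is world-writable, so
# any local user could tamper with the pid files in it (CVE-2011-0022).
pid_dir_is_insecure() {
    [ -d "$1" ] || return 1
    [ -n "$(find "$1" -prune -perm -002)" ]
}
```

Running `scan_ldpath_assignments` over each script in the dirsrv package and `pid_dir_is_insecure /var/run/dirsrv` before and after applying the update confirms the fix on a given host.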