Advisories ยป MGASA-2018-0193

Updated 389-ds-base packages fix security vulnerability

Publication date: 06 Apr 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2017-15135

Description

It was discovered that a lack of size check in slapi_ct_memcmp()
function may lead to authentication bypass through pre-hashed
userPassword attributes under highly specific circumstances
(CVE-2017-15135).
                

References

SRPMS

6/core