Vulnerability-Lookup

CNVD-2016-02472

Vulnerability from cnvd - Published: 2016-04-25

Title

RedHat 389 Directory Server拒绝服务漏洞

Description

389 Directory Server是Red Hat开发的LDAP服务器。 RedHat 389 Directory Server 1.3.4.x < 1.3.4.7版本，slapd/connection.c存在拒绝服务漏洞，远程攻击者可利用该漏洞通过异常的封闭连接造成拒绝服务。

Severity

中

Patch Name

RedHat 389 Directory Server拒绝服务漏洞的补丁

Patch Description

389 Directory Server是Red Hat开发的LDAP服务器。 RedHat 389 Directory Server 1.3.4.x < 1.3.4.7版本，slapd/connection.c存在拒绝服务漏洞，远程攻击者可利用该漏洞通过异常的封闭连接造成拒绝服务。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： https://fedorahosted.org/389/ticket/48412

Reference

http://www.linuxidc.com/Linux/2016-04/130442.htm

Impacted products

Name
Red Hat 389 Directory Server 1.3.4.x<1.3.4.7

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "95136"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-8741"
    }
  },
  "description": "389 Directory Server\u662fRed Hat\u5f00\u53d1\u7684LDAP\u670d\u52a1\u5668\u3002\r\n\r\nRedHat 389 Directory Server 1.3.4.x \u003c 1.3.4.7\u7248\u672c\uff0cslapd/connection.c\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u5f02\u5e38\u7684\u5c01\u95ed\u8fde\u63a5\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002",
  "discovererName": "Red Hat",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\nhttps://fedorahosted.org/389/ticket/48412",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-02472",
  "openTime": "2016-04-25",
  "patchDescription": "389 Directory Server\u662fRed Hat\u5f00\u53d1\u7684LDAP\u670d\u52a1\u5668\u3002\r\n\r\nRedHat 389 Directory Server 1.3.4.x \u003c 1.3.4.7\u7248\u672c\uff0cslapd/connection.c\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u5f02\u5e38\u7684\u5c01\u95ed\u8fde\u63a5\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "RedHat 389 Directory Server\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Red Hat 389 Directory Server 1.3.4.x\u003c1.3.4.7"
  },
  "referenceLink": "http://www.linuxidc.com/Linux/2016-04/130442.htm",
  "serverity": "\u4e2d",
  "submitTime": "2016-04-21",
  "title": "RedHat 389 Directory Server\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}

CVE-2016-8741 (GCVE-0-2016-8741)

Vulnerability from cvelistv5 – Published: 2017-05-15 14:00 – Updated: 2024-08-06 02:34

Summary

The Apache Qpid Broker for Java can be configured to use different so called AuthenticationProviders to handle user authentication. Among the choices are the SCRAM-SHA-1 and SCRAM-SHA-256 AuthenticationProvider types. It was discovered that these AuthenticationProviders in Apache Qpid Broker for Java 6.0.x before 6.0.6 and 6.1.x before 6.1.1 prematurely terminate the SCRAM SASL negotiation if the provided user name does not exist thus allowing remote attacker to determine the existence of user accounts. The Vulnerability does not apply to AuthenticationProviders other than SCRAM-SHA-1 and SCRAM-SHA-256.

Severity ?

No CVSS data available.

CWE

Information Leakage

Assigner

apache

References

URL

Tags

	http://www.securitytracker.com/id/1037537	vdb-entryx_refsource_SECTRACK
	https://issues.apache.org/jira/browse/QPID-7599	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/95136	vdb-entryx_refsource_BID
	http://qpid.2158936.n2.nabble.com/CVE-2016-8741-A…	mailing-listx_refsource_MLIST

Impacted products

	Vendor	Product	Version
	Apache Software Foundation	Apache Qpid Broker-J	Affected: 6.0.1, 6.0.2, 6.0.3, 6.0.4, and 6.0.5 Affected: 6.1.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:34:59.610Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1037537",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1037537"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.apache.org/jira/browse/QPID-7599"
          },
          {
            "name": "95136",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95136"
          },
          {
            "name": "[apache-qpid-users] 20161228 [CVE-2016-8741] Apache Qpid Broker for Java - Information Leakage",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://qpid.2158936.n2.nabble.com/CVE-2016-8741-Apache-Qpid-Broker-for-Java-Information-Leakage-td7657025.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Apache Qpid Broker-J",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "status": "affected",
              "version": "6.0.1, 6.0.2, 6.0.3, 6.0.4, and 6.0.5"
            },
            {
              "status": "affected",
              "version": "6.1.0"
            }
          ]
        }
      ],
      "datePublic": "2016-12-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Apache Qpid Broker for Java can be configured to use different so called AuthenticationProviders to handle user authentication. Among the choices are the SCRAM-SHA-1 and SCRAM-SHA-256 AuthenticationProvider types. It was discovered that these AuthenticationProviders in Apache Qpid Broker for Java 6.0.x before 6.0.6 and 6.1.x before 6.1.1 prematurely terminate the SCRAM SASL negotiation if the provided user name does not exist thus allowing remote attacker to determine the existence of user accounts. The Vulnerability does not apply to AuthenticationProviders other than SCRAM-SHA-1 and SCRAM-SHA-256."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information Leakage",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-26T09:57:01",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "name": "1037537",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1037537"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.apache.org/jira/browse/QPID-7599"
        },
        {
          "name": "95136",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95136"
        },
        {
          "name": "[apache-qpid-users] 20161228 [CVE-2016-8741] Apache Qpid Broker for Java - Information Leakage",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://qpid.2158936.n2.nabble.com/CVE-2016-8741-Apache-Qpid-Broker-for-Java-Information-Leakage-td7657025.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@apache.org",
          "ID": "CVE-2016-8741",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Apache Qpid Broker-J",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "6.0.1, 6.0.2, 6.0.3, 6.0.4, and 6.0.5"
                          },
                          {
                            "version_value": "6.1.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Apache Software Foundation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Apache Qpid Broker for Java can be configured to use different so called AuthenticationProviders to handle user authentication. Among the choices are the SCRAM-SHA-1 and SCRAM-SHA-256 AuthenticationProvider types. It was discovered that these AuthenticationProviders in Apache Qpid Broker for Java 6.0.x before 6.0.6 and 6.1.x before 6.1.1 prematurely terminate the SCRAM SASL negotiation if the provided user name does not exist thus allowing remote attacker to determine the existence of user accounts. The Vulnerability does not apply to AuthenticationProviders other than SCRAM-SHA-1 and SCRAM-SHA-256."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Information Leakage"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1037537",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1037537"
            },
            {
              "name": "https://issues.apache.org/jira/browse/QPID-7599",
              "refsource": "CONFIRM",
              "url": "https://issues.apache.org/jira/browse/QPID-7599"
            },
            {
              "name": "95136",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95136"
            },
            {
              "name": "[apache-qpid-users] 20161228 [CVE-2016-8741] Apache Qpid Broker for Java - Information Leakage",
              "refsource": "MLIST",
              "url": "http://qpid.2158936.n2.nabble.com/CVE-2016-8741-Apache-Qpid-Broker-for-Java-Information-Leakage-td7657025.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2016-8741",
    "datePublished": "2017-05-15T14:00:00",
    "dateReserved": "2016-10-18T00:00:00",
    "dateUpdated": "2024-08-06T02:34:59.610Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2016-02472

CVE-2016-8741 (GCVE-0-2016-8741)

Tags

Sightings

Nomenclature