PT-2017-8641 · Red Hat+1 · Red Hat Enterprise Linux Server+6

Adam Mariš

·

Published

2016-10-21

·

Updated

2024-06-15

·

CVE-2016-4992

CVSS v3.1

7.5

High

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions Red Hat Enterprise Linux Desktop versions 6 through 7 Red Hat Enterprise Linux HPC Node versions 6 through 7 Red Hat Enterprise Linux Server versions 6 through 7 Red Hat Enterprise Linux Workstation versions 6 through 7
Description The issue allows remote attackers to infer the existence of RDN component objects in 389 Directory Server.
Recommendations For Red Hat Enterprise Linux Desktop versions 6 through 7, update to a version that includes the fix for this issue. For Red Hat Enterprise Linux HPC Node versions 6 through 7, update to a version that includes the fix for this issue. For Red Hat Enterprise Linux Server versions 6 through 7, update to a version that includes the fix for this issue. For Red Hat Enterprise Linux Workstation versions 6 through 7, update to a version that includes the fix for this issue.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CESA-2016_2594
CESA-2016_2765
CVE-2016-4992
MGASA-2016-0350
OPENSUSE-SU-2024:10593-1
RHSA-2016:2594
RHSA-2016:2765
RHSA-2016_2594
RHSA-2016_2765

Affected Products

389 Directory Server
Centos
Red Hat
Red Hat Enterprise Linux Desktop
Red Hat Enterprise Linux Hpc Node
Red Hat Enterprise Linux Server
Red Hat Enterprise Linux Workstation