Please Install the Updated Packages.

The 389 Directory Server is an LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration. It was discovered that the 389 Directory Server did not properly handle the receipt of certain MOD operations with a bogus Distinguished Name (DN). A remote, unauthenticated attacker could use this flaw to cause the 389 Directory Server to crash. (CVE-2013-4283) All 389-ds-base users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, the 389 server service will be restarted automatically.

389-ds-base on Red Hat Enterprise Linux Server (v. 6), Red Hat Enterprise Linux Workstation (v. 6)

• https://www.redhat.com/archives/rhsa-announce/2013-August/msg00022.html

---

Updated on 2015-03-25