Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 436768 (CVE-2012-4450)

Summary: <net-nds/389-ds-base-1.2.11.15: "modifyRDN" ACL Bypass Vulnerability (CVE-2012-4450)
Product: Gentoo Security Reporter: Agostino Sarubbo <ago>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: trivial CC: lxnay
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://secunia.com/advisories/50713/
Whiteboard: ~4 [noglsa]
Package list:
Runtime testing required: ---

Description Agostino Sarubbo gentoo-dev 2012-10-01 12:23:14 UTC 
From secunia advisory at $URL:

Description
A vulnerability has been reported in 389 Directory Server, which can be exploited by malicious users to bypass certain security restrictions.

The vulnerability is caused due to an error when performing the "modifyRDN" operation, which can be exploited to bypass the ACL and gain access to restricted entries when a DN entry is moved via database modify RDN function.

The vulnerability is reported in version 1.2.10. Other versions may also be affected.


Solution
Fixed in the GIT repository.
Comment 1 Agostino Sarubbo gentoo-dev 2012-10-01 12:26:53 UTC 
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4450

389 Directory Server 1.2.10 does not properly update the ACL when a DN entry is moved by a modrdn operation, which allows remote authenticated users with certain permissions to bypass ACL restrictions and access the DN entry.
Comment 2 GLSAMaker/CVETool Bot gentoo-dev 2012-10-01 21:26:49 UTC 
CVE-2012-4450 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4450):
  389 Directory Server 1.2.10 does not properly update the ACL when a DN entry
  is moved by a modrdn operation, which allows remote authenticated users with
  certain permissions to bypass ACL restrictions and access the DN entry.
Comment 3 Fabio Erculiani (RETIRED) gentoo-dev 2012-10-02 20:26:25 UTC 
Fixed in CVS.

  02 Oct 2012; Fabio Erculiani <lxnay@gentoo.org>
  +389-ds-base-1.2.11.15.ebuild,
  +files/389-ds-base-1.2.11.16-cve-2012-4450.patch,
  +files/389-ds-base-1.2.11-fix-mozldap.patch, -389-ds-base-1.2.8.3.ebuild,
  -389-ds-base-1.2.9.6.ebuild:
  version bump, closes #405127, #428178, #436768
Comment 4 Sean Amoss (RETIRED) gentoo-dev Security 2012-10-02 21:40:30 UTC 
Thanks, Fabio.

Closing noglsa for ~arch only.