{"id":"MGASA-2013-0357","summary":"Updated 389-ds-base package fixes CVE-2013-4485","details":"Updated 389-ds-base packages fix security vulnerability:\n\nIt was discovered that the 389 Directory Server did not properly handle\ncertain Get Effective Rights (GER) search queries when the attribute list,\nwhich is a part of the query, included several names using the '@'\ncharacter. An attacker able to submit search queries to the 389 Directory\nServer could cause it to crash (CVE-2013-4485).\n","modified":"2026-01-30T12:17:10.412945Z","published":"2013-11-30T21:31:52Z","related":["CVE-2013-4485"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2013-0357.html"},{"type":"REPORT","url":"http://port389.org/wiki/Releases/1.3.0.9"},{"type":"REPORT","url":"https://rhn.redhat.com/errata/RHSA-2013-1752.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=11720"}],"affected":[{"package":{"name":"389-ds-base","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/389-ds-base?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.3.0.9-1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0357.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}