New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
389 ldap server segfaults during Qualys vulnerability scan #2248
Comments
Comment from firstyear (@Firstyear) at 2017-03-22 23:14:28 Hi there. Thanks for the report. Reading the trace, this is the offending thread:
This occurs in libssl3.so, which makes it an issue inside of nss3 rather than DS. I'm going to close this issue, but I'll open one for you on bugzilla. |
Comment from firstyear (@Firstyear) at 2017-03-22 23:14:39 Metadata Update from @Firstyear:
|
Comment from firstyear (@Firstyear) at 2017-03-22 23:18:22 Metadata Update from @Firstyear:
|
Comment from firstyear (@Firstyear) at 2017-03-22 23:24:34 Metadata Update from @Firstyear:
|
Comment from firstyear (@Firstyear) at 2017-03-22 23:25:30 I've closed this because it's not a DS issue, it's an nss issue. See the bugzilla link for the details. If you can provide me your email, so that I can attach you to the bugzilla, that would be great. You can contact me as Firstyear at redhat.com. Thanks for reporting this! |
Cloned from Pagure issue: https://pagure.io/389-ds-base/issue/49189
Issue Description
We have two 389 servers with replication configured and active. Some Java applications served by both.
When we run a Qualys vulnerability scan on the VMs that runs the services one or both ns-slapd daemons dies unexpectedly:
Mar 22 13:42:52 ips1.devenv.dev kernel: ns-slapd[2321]: segfault at 0 ip 00007f244de1a4e8 sp 00007f24237e57e8 error 6 in libc-2.17.so[7f244dccf000+1b6000]
Mar 22 13:42:53 ips1.devenv.dev systemd[1]: dirsrv@ips_ips1.service: main process exited, code=killed, status=11/SEGV
Operating System
CentOS Linux release 7.3.1611 (Core)
Every packages is kept up to date to centos-updates and epel repos
Package Version and Platform
Name : 389-ds-base
Arch : x86_64
Version : 1.3.5.10
Release : 18.el7_3
Size : 5.2 M
Repo : installed
From repo : updates
Summary : 389 Directory Server (base)
URL : https://www.port389.org/
License : GPLv3+
Description : 389 Directory Server is an LDAPv3 compliant server. The base package includes
: the LDAP server and command line utilities for server administration.
Steps to reproduce
I'm attaching the core dump. Nothing more useful on the logs of the LDAP servers.
The text was updated successfully, but these errors were encountered: