CVE-2017-14159 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2017-14159 Interim 1 32 2025-05-17T23:42:44Z current 2021-05-30T14:01:48Z 2025-05-17T23:42:44Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2017-14159 slapd in OpenLDAP 2.4.45 and earlier creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill `cat /pathname`" command, as demonstrated by openldap-initscript. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Module for Legacy 12 SUSE Linux Enterprise Server 11 SP1 for Teradata SUSE Linux Enterprise Server 11 SP3 LTSS SUSE Linux Enterprise Server 11 SP3 for Teradata SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Server 11 SP4-LTSS SUSE Linux Enterprise Module for Legacy 12 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Module for Legacy 12 SUSE Linux Enterprise Module for Legacy 12 SUSE Linux Enterprise Module for Legacy 12 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Module for Legacy 12 SUSE Linux Enterprise Server for SAP Applications 12 SUSE Linux Enterprise Server for SAP Applications 12 SP1 SUSE Linux Enterprise Server for SAP Applications 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Module for Legacy 12 SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Module for Legacy 12 SUSE Linux Enterprise Module for Legacy 12 compat-libldap-2_3-0 libldap-2_4-2 libldap-2_4-2-32bit openldap2 openldap2-back-meta openldap2-back-perl openldap2-client openldap2-devel openldap2-devel-static openldap2-doc openldap2-ppolicy-check-password compat-libldap-2_3-0 as a component of SUSE Linux Enterprise Module for Legacy 12 openldap2 as a component of SUSE Linux Enterprise Module for Legacy 12 openldap2 as a component of SUSE Linux Enterprise Server 11 SP1 for Teradata openldap2 as a component of SUSE Linux Enterprise Server 11 SP3 LTSS openldap2 as a component of SUSE Linux Enterprise Server 11 SP3 for Teradata compat-libldap-2_3-0 as a component of SUSE Linux Enterprise Server 11 SP4-LTSS openldap2 as a component of SUSE Linux Enterprise Server 11 SP4-LTSS openldap2-back-meta as a component of SUSE Linux Enterprise Server 11 SP4-LTSS openldap2 as a component of SUSE Linux Enterprise Server 12 SP1-LTSS openldap2-back-meta as a component of SUSE Linux Enterprise Server 12 SP1-LTSS libldap-2_4-2 as a component of SUSE Linux Enterprise Server 12 SP2 libldap-2_4-2-32bit as a component of SUSE Linux Enterprise Server 12 SP2 openldap2 as a component of SUSE Linux Enterprise Server 12 SP2 openldap2-back-meta as a component of SUSE Linux Enterprise Server 12 SP2 openldap2-client as a component of SUSE Linux Enterprise Server 12 SP2 openldap2 as a component of SUSE Linux Enterprise Server 12-LTSS openldap2-back-meta as a component of SUSE Linux Enterprise Server 12-LTSS compat-libldap-2_3-0 as a component of SUSE Linux Enterprise Server for SAP Applications 12 openldap2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 compat-libldap-2_3-0 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP1 openldap2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP1 openldap2-back-meta as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP1 compat-libldap-2_3-0 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 libldap-2_4-2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 libldap-2_4-2-32bit as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 openldap2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 openldap2-back-meta as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 openldap2-client as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 openldap2-doc as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 openldap2-ppolicy-check-password as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 compat-libldap-2_3-0 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 openldap2-doc as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 openldap2-ppolicy-check-password as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 openldap2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 openldap2 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 openldap2-back-perl as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 openldap2-back-perl as a component of SUSE Linux Enterprise Software Development Kit 12 SP2 openldap2-devel as a component of SUSE Linux Enterprise Software Development Kit 12 SP2 openldap2-devel-static as a component of SUSE Linux Enterprise Software Development Kit 12 SP2 openldap2 as a component of SUSE Linux Enterprise Software Development Kit 12 SP2 slapd in OpenLDAP 2.4.45 and earlier creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill `cat /pathname`" command, as demonstrated by openldap-initscript. CVE-2017-14159 SUSE Linux Enterprise Module for Legacy 12:compat-libldap-2_3-0 SUSE Linux Enterprise Module for Legacy 12:openldap2 SUSE Linux Enterprise Server 11 SP1 for Teradata:openldap2 SUSE Linux Enterprise Server 11 SP3 LTSS:openldap2 SUSE Linux Enterprise Server 11 SP3 for Teradata:openldap2 SUSE Linux Enterprise Server 11 SP4-LTSS:compat-libldap-2_3-0 SUSE Linux Enterprise Server 11 SP4-LTSS:openldap2 SUSE Linux Enterprise Server 11 SP4-LTSS:openldap2-back-meta SUSE Linux Enterprise Server 12 SP1-LTSS:openldap2 SUSE Linux Enterprise Server 12 SP1-LTSS:openldap2-back-meta SUSE Linux Enterprise Server 12 SP2:libldap-2_4-2 SUSE Linux Enterprise Server 12 SP2:libldap-2_4-2-32bit SUSE Linux Enterprise Server 12 SP2:openldap2 SUSE Linux Enterprise Server 12 SP2:openldap2-back-meta SUSE Linux Enterprise Server 12 SP2:openldap2-client SUSE Linux Enterprise Server 12-LTSS:openldap2 SUSE Linux Enterprise Server 12-LTSS:openldap2-back-meta SUSE Linux Enterprise Server for SAP Applications 12 SP1:compat-libldap-2_3-0 SUSE Linux Enterprise Server for SAP Applications 12 SP1:openldap2 SUSE Linux Enterprise Server for SAP Applications 12 SP1:openldap2-back-meta SUSE Linux Enterprise Server for SAP Applications 12 SP2:compat-libldap-2_3-0 SUSE Linux Enterprise Server for SAP Applications 12 SP2:libldap-2_4-2 SUSE Linux Enterprise Server for SAP Applications 12 SP2:libldap-2_4-2-32bit SUSE Linux Enterprise Server for SAP Applications 12 SP2:openldap2 SUSE Linux Enterprise Server for SAP Applications 12 SP2:openldap2-back-meta SUSE Linux Enterprise Server for SAP Applications 12 SP2:openldap2-client SUSE Linux Enterprise Server for SAP Applications 12 SP2:openldap2-doc SUSE Linux Enterprise Server for SAP Applications 12 SP2:openldap2-ppolicy-check-password SUSE Linux Enterprise Server for SAP Applications 12 SP3:compat-libldap-2_3-0 SUSE Linux Enterprise Server for SAP Applications 12 SP3:openldap2 SUSE Linux Enterprise Server for SAP Applications 12 SP3:openldap2-doc SUSE Linux Enterprise Server for SAP Applications 12 SP3:openldap2-ppolicy-check-password SUSE Linux Enterprise Server for SAP Applications 12:compat-libldap-2_3-0 SUSE Linux Enterprise Server for SAP Applications 12:openldap2 SUSE Linux Enterprise Software Development Kit 11 SP4:openldap2 SUSE Linux Enterprise Software Development Kit 11 SP4:openldap2-back-perl SUSE Linux Enterprise Software Development Kit 12 SP2:openldap2 SUSE Linux Enterprise Software Development Kit 12 SP2:openldap2-back-perl SUSE Linux Enterprise Software Development Kit 12 SP2:openldap2-devel SUSE Linux Enterprise Software Development Kit 12 SP2:openldap2-devel-static moderate 3.8 AV:L/AC:H/Au:S/C:N/I:N/A:C 4.4 CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H