When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be used by an unauthenticated attacker to check the existence of an entry in the LDAP database.
[
{
"product": "389-ds-base",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "389-ds-base 2.0.3, 389-ds-base 1.4.4.13, 389-ds-base 1.4.3.19"
}
]
}
]