A vulnerability was found in the 389 Directory Server that allows expired passwords to access the database to cause improper authentication.
[
{
"product": "389-ds-base",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "1.4"
}
]
}
]
bugzilla.redhat.com/show_bug.cgi?id=2064769
github.com/ByteHackr/389-ds-base
lists.debian.org/debian-lts-announce/2023/04/msg00026.html
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QFD7CBBX3IZOSHEWL2EYKRLOEQSXCZ6/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PYT2IQJFHQWZENJJRY6EJB3XIFZGNT7F/