Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2014-8112HistoryMar 10, 2015 - 2:59 p.m.
CVE-2014-8112
2015-03-1014:59:01
Debian Security Bug Tracker
security-tracker.debian.org
13
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
EPSS
0.002
Percentile
56.3%
389 Directory Server 1.3.1.x, 1.3.2.x before 1.3.2.27, and 1.3.3.x before 1.3.3.9 stores “unhashed” passwords even when the nsslapd-unhashed-pw-switch option is set to off, which allows remote authenticated users to obtain sensitive information by reading the Changelog.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | 389-ds-base | < 1.3.3.5-4 | 389-ds-base_1.3.3.5-4_all.deb |
| Debian | 11 | all | 389-ds-base | < 1.3.3.5-4 | 389-ds-base_1.3.3.5-4_all.deb |
| Debian | 999 | all | 389-ds-base | < 1.3.3.5-4 | 389-ds-base_1.3.3.5-4_all.deb |
| Debian | 13 | all | 389-ds-base | < 1.3.3.5-4 | 389-ds-base_1.3.3.5-4_all.deb |
Related
prion
prion
Code injection
2015-03-10 14:59:00
ubuntucve
ubuntucve
CVE-2014-8112
2015-03-10 00:00:00
cve
cve
CVE-2014-8112
2015-03-10 14:59:01
cvelist
cvelist
CVE-2014-8112
2015-03-10 14:00:00
nvd
nvd
CVE-2014-8112
2015-03-10 14:59:01
nessus
nessus
Amazon Linux AMI : 389-ds-base (ALAS-2015-501)
2015-04-02 00:00:00
RHEL 7 : 389-ds-base (RHSA-2015:0416)
2015-03-05 00:00:00
Scientific Linux Security Update : 389-ds-base on SL7.x x86_64 (20150305)
2015-03-26 00:00:00
mageia
mageia
Updated 389-ds-base packages fix security vulnerabilities
2015-03-14 21:44:24
centos
centos
389 security update
2015-03-17 13:27:32
openvas
openvas
RedHat Update for 389-ds-base RHSA-2015:0416-01
2015-03-06 00:00:00
Oracle: Security Advisory (ELSA-2015-0416)
2015-10-06 00:00:00
Amazon Linux: Security Advisory (ALAS-2015-501)
2015-09-08 00:00:00
amazon
amazon
Important: 389-ds-base
2015-04-01 13:49:00
fedora
fedora
[SECURITY] Fedora 22 Update: 389-ds-base-1.3.3.9-1.fc22
2015-03-31 21:43:31
redhat
redhat
oraclelinux
oraclelinux
389-ds-base security, bug fix, and enhancement update
2015-03-09 00:00:00
osv
osv
389-ds-1.3.4.14-1.2 on GA media
2024-06-15 00:00:00
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
EPSS
0.002
Percentile
56.3%
Related for DEBIANCVE:CVE-2014-8112