Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mageiaGentoo FoundationMGASA-2014-0145
HistoryMar 31, 2014 - 11:44 p.m.

Updated 389-ds-base package fixes security vulnerability

2014-03-3123:44:51
Gentoo Foundation
advisories.mageia.org
18

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

EPSS

0.006

Percentile

77.9%

JSON

It was discovered that the 389 Directory Server did not properly handle certain SASL-based authentication mechanisms. A user able to authenticate to the directory using these SASL mechanisms could connect as any other directory user, including the administrative Directory Manager account. This could allow them to modify configuration values, as well as read and write any data the directory holds (CVE-2014-0132).

OSVersionArchitecturePackageVersionFilename
Mageia3noarch389-ds-base<Β 1.3.0.9-1.1389-ds-base-1.3.0.9-1.1.mga3
Mageia4noarch389-ds-base<Β 1.3.2.7-1.1389-ds-base-1.3.2.7-1.1.mga4

Related

nessus 7
redhat 1
ubuntucve 1
seebug 1
debiancve 1
amazon 1
nvd 1
fedora 2
oraclelinux 1
openvas 11
cve 1
cvelist 1
veracode 1
prion 1
centos 1
nessus
nessus
Oracle Linux 6 : 389-ds-base (ELSA-2014-0292)
2014-03-14 00:00:00
RHEL 6 : 389-ds-base (RHSA-2014:0292)
2014-03-14 00:00:00
Scientific Linux Security Update : 389-ds-base on SL6.x i386/x86_64 (20140313)
2014-03-14 00:00:00
redhat
redhat
(RHSA-2014:0292) Important: 389-ds-base security update
2014-03-13 00:00:00
ubuntucve
ubuntucve
CVE-2014-0132
2014-03-18 00:00:00
seebug
seebug
389 Directory Server SASL/GSSAPIιͺŒθ―η»•θΏ‡ζΌζ΄ž
2014-03-18 00:00:00
debiancve
debiancve
CVE-2014-0132
2014-03-18 17:02:53
amazon
amazon
Important: 389-ds-base
2014-03-24 23:34:00
nvd
nvd
CVE-2014-0132
2014-03-18 17:02:53
fedora
fedora
[SECURITY] Fedora 20 Update: 389-ds-base-1.3.2.16-1.fc20
2014-03-15 15:15:44
[SECURITY] Fedora 19 Update: 389-ds-base-1.3.1.22-1.fc19
2014-03-15 15:23:08
oraclelinux
oraclelinux
389-ds-base security update
2014-03-13 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2014-0145)
2022-01-28 00:00:00
CentOS Update for 389-ds-base CESA-2014:0292 centos6
2014-03-17 00:00:00
Fedora Update for 389-ds-base FEDORA-2014-3904
2014-03-17 00:00:00
cve
cve
CVE-2014-0132
2014-03-18 17:02:53
cvelist
cvelist
CVE-2014-0132
2014-03-18 14:00:00
veracode
veracode
Privilege Escalation
2019-01-15 08:58:29
prion
prion
Authentication flaw
2014-03-18 17:02:00
centos
centos
389 security update
2014-03-13 21:39:06

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

EPSS

0.006

Percentile

77.9%

JSON
Related for MGASA-2014-0145
nessus7redhat1ubuntucve1seebug1debiancve1amazon1nvd1fedora2oraclelinux1openvas11cve1cvelist1veracode1prion1centos1