
1204 matches found

AstraLinux
added 2026/06/19 11:10 a.m., 7 views

Astra Linux – Vulnerability in the 389-DS-base

A flaw has been discovered in 389-ds-base versions 1.4.x.x prior to 1.4.1.3. When executed in verbose mode, the dscreate and dsconf commands may display sensitive information, such as the Directory Manager password. An attacker who can view the screen or record the terminal’s standard error outpu...

4.6 CVSS, 6.1 AI score, 0.00396 EPSS
Exploits 0, References 1
OSV
added 2026/06/17 10:8 a.m., 5 views

RHSA-2026:26465 Red Hat Security Advisory: 389-ds-base security update

Bulletin has no description...

7.5 CVSS, 4.8 AI score, 0.00815 EPSS
Exploits 0, References 7
OSV
added 2026/06/17 10:8 a.m., 5 views

RHSA-2026:26464 Red Hat Security Advisory: 389-ds-base security update

Bulletin has no description...

7.5 CVSS, 4.9 AI score, 0.00815 EPSS
Exploits 0, References 7
OSV
added 2026/06/17 10:8 a.m., 4 views

RHSA-2026:26463 Red Hat Security Advisory: 389-ds:1.4 security update

Bulletin has no description...

7.5 CVSS, 4.8 AI score, 0.00815 EPSS
Exploits 0, References 7
OSV
added 2026/06/17 10:8 a.m., 5 views

RHSA-2026:26456 Red Hat Security Advisory: 389-ds-base security, bug fix, and enhancement update

Bulletin has no description...

7.5 CVSS, 4.8 AI score, 0.00815 EPSS
Exploits 0, References 7
OSV
added 2026/06/17 10:8 a.m., 8 views

RHSA-2026:26457 Red Hat Security Advisory: 389-ds-base security update

Bulletin has no description...

7.5 CVSS, 4.8 AI score, 0.00815 EPSS
Exploits 0, References 7
OSV
added 2026/06/17 10:8 a.m., 4 views

RHSA-2026:26454 Red Hat Security Advisory: 389-ds:1.4 security update

Bulletin has no description...

7.5 CVSS, 4.9 AI score, 0.00815 EPSS
Exploits 0, References 7
OSV
added 2026/06/17 10:8 a.m., 5 views

RHSA-2026:26453 Red Hat Security Advisory: 389-ds-base security update

Bulletin has no description...

7.5 CVSS, 4.8 AI score, 0.00815 EPSS
Exploits 0, References 7
OSV
added 2026/06/17 10:8 a.m., 6 views

RHSA-2026:26452 Red Hat Security Advisory: 389-ds-base security update

Bulletin has no description...

7.5 CVSS, 4.8 AI score, 0.00815 EPSS
Exploits 0, References 7
RedHat Linux
added 2026/06/17 1:51 a.m., 5 views

Important: Red Hat Security Advisory: 389-ds-base security, bug fix, and enhancement update

An update for 389-ds-base is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability fr...

7.5 CVSS, 5.4 AI score, 0.00815 EPSS
Exploits 0, References 2
RedHat Linux
added 2026/06/17 12:44 a.m., 6 views

389-ds-base: 389-ds-base: unbounded LDAP controls count in get_ldapmessage_controls_ext() causes CPU and heap amplification (remote DoS)

A flaw was found in 389-ds-base. The get_ldapmessage_controls_ext function in the LDAP server does not enforce an upper bound on the number of controls per LDAP message. A remote, unauthenticated attacker can send a specially crafted LDAP request containing hundreds of thousands of minimal controls...

7.5 CVSS, 5.2 AI score, 0.00815 EPSS
Exploits 0, References 4
Tenable Nessus
added 2026/06/09 12:0 a.m., 7 views

Linux Distros Unpatched Vulnerability : CVE-2026-11791

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in 389 Directory Server. During schema reload, the attrsyntaxswapht function unconditionally frees attribute syntax information nodes, bypassin...

5 CVSS, 5.8 AI score, 0.00268 EPSS
Exploits 0, References 4
Tenable Nessus
added 2026/06/08 12:0 a.m., 9 views

Amazon Linux 2 : 389-ds-base, --advisory ALAS2-2026-3339 (ALAS-2026-3339)

The version of 389-ds-base installed on the remote host is prior to 1.3.10.2-17. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3339 advisory. A flaw was found in 389-ds-base. The get_ldapmessage_controls_ext function in the LDAP server does not enforce an upper bound ...

7.5 CVSS, 5.5 AI score, 0.00815 EPSS
Exploits 0, References 4
OSV
added 2026/05/28 12:0 a.m., 8 views

OPENSUSE-SU-2026:10870-1 389-ds-3.1.4+e9d94d45a-1.1 on GA media

These are all security issues fixed in the 389-ds-3.1.4+e9d94d45a-1.1 package on the GA media of openSUSE Tumbleweed...

7.5 CVSS, 5.8 AI score, 0.00815 EPSS
Exploits 0, References 1
AstraLinux
added 2026/05/20 5:53 a.m., 2 views

Astra Linux - vulnerability in 389-ds-base

A flaw was discovered in 389-ds-base. If an asterisk is imported as password hashes, either accidentally or maliciously, then any password will successfully match during authentication, instead of being inactive. This flaw allows an attacker to successfully authenticate as a user whose password h...

6.5 CVSS, 6.7 AI score, 0.01349 EPSS
Exploits 0, References 2
AstraLinux
added 2026/05/20 5:53 a.m., 8 views

Astra Linux - vulnerability in 389-ds-base

The fix for CVE-2024-2199 in 389-ds-base was insufficient to cover all scenarios. In certain product versions, an authenticated user may cause a server crash while modifying userPassword using malformed input...

5.7 CVSS, 6.8 AI score, 0.00423 EPSS
Exploits 0, References 2
AstraLinux
added 2026/05/20 5:53 a.m., 7 views

Astra Linux - vulnerability in 389-ds-base

A heap overflow flaw was discovered in 389-ds-base. This issue causes a denial of service when writing a value larger than 256 characters in logentryattr...

5.5 CVSS, 6.1 AI score, 0.00304 EPSS
Exploits 0, References 2
Positive Technologies
added 2026/05/20 12:0 a.m., 9 views

PT-2026-42138

Name of the Vulnerable Software and Affected Versions: 389-ds-base (affected versions not specified). Description: A flaw exists in the LDAP server where the get_ldapmessage_controls_ext function fails to enforce an upper bound on the number of controls per LDAP message. A remote, unauthenticated...

7.5 CVSS, 5.8 AI score, 0.00815 EPSS
Exploits 0, References 43
Tenable Nessus
added 2026/05/10 12:0 a.m., 7 views

SUSE SLES15 Security Update : 389-ds (SUSE-SU-2026:1753-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1753-1 advisory. Update to version 2.0.20git89.937b1f291. Security issues fixed: - CVE-2025-14905: heap buffer overflow due to improper size calculation in...

7.2 CVSS, 6 AI score, 0.01038 EPSS
Exploits 0, References 4
OSV
added 2026/05/07 1:54 p.m., 3 views

SUSE-SU-2026:1753-1 Security update for 389-ds

This update for 389-ds fixes the following issues: Update to version 2.0.20git89.937b1f291. Security issues fixed: - CVE-2025-14905: heap buffer overflow due to improper size calculation in schemaattrenumcallback callback bsc1258727. Other updates and bugfixes: - Issue 7224 - CI Test - Simplify...

7.2 CVSS, 6 AI score, 0.01038 EPSS
Exploits 0, References 3