MiracleLinux 9 : 389-ds-base-2.4.5-9.el9_4 (AXSA:2024-8654:07)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8654:07 advisory. 389-ds-base: Malformed userPassword hash may cause Denial of Service CVE-2024-5953 389-ds-base: unauthenticated user can trigger a DoS by sending a...

MiracleLinux 8 : 389-ds:1.4 (AXSA:2024-8806:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8806:01 advisory. 389-ds-base: Malformed userPassword hash may cause Denial of Service CVE-2024-5953 Tenable has extracted the preceding description block directly from the...

TencentOS Server 3: 389-ds:1.4 (TSSA-2024:0767)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0767 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

TencentOS Server 2: 389-ds-base (TSSA-2024:0434)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0434 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...

Alibaba Cloud Linux 3 : 0180: 389-ds:1.4 (ALINUX3-SA-2024:0180)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0180 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-5953: A denial of service vulnerability wa...

Amazon Linux 2 : 389-ds-base (ALAS-2025-2798)

The version of 389-ds-base installed on the remote host is prior to 1.3.10.2-17. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2798 advisory. A denial of service vulnerability was found in 389-ds-base ldap server. This issue may allow an authenticated user...

Linux Distros Unpatched Vulnerability : CVE-2024-5953

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A denial of service vulnerability was found in the 389-ds-base LDAP server. This issue may allow an authenticated user to cause a server denial of service while...

RHEL 8 : redhat-ds:11 (RHSA-2025:1632)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:1632 advisory. Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol...

Fedora 41 : 389-ds-base (2024-48c0a7fa73)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-48c0a7fa73 advisory. Automatic update for 389-ds-base-3.1.1-1.fc41. Changelog Tue Jul 30 2024 Viktor Ashirov - 3.1.1-1 - Update to 3.1.1 - Resolves: CVE-2024-1062...

RHEL 8 : redhat-ds:11 (RHSA-2024:6568)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:6568 advisory. Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol LDAP serve...

RHEL 8 : 389-ds:1.4 (RHSA-2024:6569)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:6569 advisory. 389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server an...

RHEL 9 : redhat-ds:12 (RHSA-2024:4997)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4997 advisory. Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol...

openSUSE: Security Advisory for 389 (SUSE-SU-2024:3843-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for 389 (SUSE-SU-2024:3844-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Important: Red Hat Security Advisory: redhat-ds:12 security update

An update for the redhat-ds:12 module is now available for Red Hat Directory Server 12 Extended Update Support for RHEL 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severit...

389-ds-base security update

1.3.11.1-5.0.1 - Security fix for CVE-2024-5953 Orabug: 37016708CVE-2024-5953...

SUSE-SU-2024:3257-1 Security update for 389-ds

This update for 389-ds fixes the following issues: - Update to version 1.4.4.20git3.e7ac6d87: - CVE-2024-3657: DOS via via specially crafted kerberos AS-REQ request. bsc1225512 - CVE-2024-5953: Malformed userPassword hashes may cause a denial of service. bsc1226277 - CVE-2024-2199: Malformed...

SUSE SLES15 Security Update : 389-ds (SUSE-SU-2024:3218-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3218-1 advisory. - Update to version 2.0.20 - CVE-2024-3657: DOS via via specially crafted kerberos AS-REQ request. bsc1225512 - CVE-2024-5953:...

openSUSE: Security Advisory for 389 (SUSE-SU-2024:3218-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

389-ds:1.4 security update

1.4.3.39-8 - Bump version to 1.4.3.39-8 - Resolves: RHEL-40943 - CVE-2024-5953 389-ds:1.4/389-ds-base: Malformed userPassword hash may cause Denial of Service rhel-8.10.z - Resolves: RHEL-58069 - perf search result investigation for many large static groups and members rhel-8.10.0.z...