Oracle Linux 8 : 389-ds:1.4 (ELSA-2026-5513)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-5513 advisory. - Resolves: RHEL-137074 - CVE-2025-14905 389-ds:1.4/389-ds-base: 389-ds-base: Remote Code Execution and Denial of Service via heap buffer overflow rhel-8.10.z...

RHEL 8 : redhat-ds:11 (RHSA-2026:5568)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:5568 advisory. Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol LDAP serve...

RHEL 9 : 389-ds-base (RHSA-2026:3189)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:3189 advisory. 389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server an...

MiracleLinux 4 : 389-ds-base-1.2.11.15-11.AXS4 (AXSA:2013-134:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2013-134:01 advisory. 389 Directory Server is an LDAPv3 compliant server. The base package includes the LDAP server and command line utilities for server administration. Security...

MiracleLinux 7 : 389-ds-base-1.3.6.1-19.el7 (AXSA:2017-2225:06)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-2225:06 advisory. A flaw was found in the way 389-ds-base handled authentication attempts against locked accounts. A remote attacker could potentially use this flaw to continu...

Linux Distros Unpatched Vulnerability : CVE-2017-2668

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - 389-ds-base before versions 1.3.5.17 and 1.3.6.10 is vulnerable to an invalid pointer dereference in the way LDAP bind requests are handled. A remote...

CVE-2007-6743

Double free vulnerability in IBM Tivoli Directory Server TDS 5.2 before 5.2.0.5-TIV-ITDS-LA0005 allows remote authenticated users to cause a denial of service ABEND via search operations that trigger recursive filterfree calls...

389-ds-base: expired password was still allowed to access the database

A vulnerability was found in the 389 Directory Server. This issue allows expired passwords to access the database, causing improper authentication...

CVE-2019-4549

IBM Security Directory Server 6.4.0 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 165951...

389-ds-base: ACI readable by anonymous user

It was found that 389 Directory Server was vulnerable to a flaw in which the default ACI Access Control Instructions could be read by an anonymous user. This could lead to leakage of sensitive information...

CVE-2013-4485

389 Directory Server 1.2.11.15 aka Red Hat Directory Server before 8.2.11-14 allows remote authenticated users to cause a denial of service crash via multiple @ characters in a GER attribute list in a search request...

CVE-2013-2219

The Red Hat Directory Server before 8.2.11-13 and 389 Directory Server do not properly restrict access to entity attributes, which allows remote authenticated users to obtain sensitive information via a search query for the attribute...