17 matches found
MiracleLinux 4 : 389-ds-base-1.2.11.15-14.AXS4 (AXSA:2013-412:03)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2013-412:03 advisory. 389 Directory Server is an LDAPv3 compliant server. The base package includes the LDAP server and command line utilities for server administration. Security...
Linux Distros Unpatched Vulnerability : CVE-2013-1897
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The dosearch function in ldap/servers/slapd/search.c in 389 Directory Server 1.2.x before 1.2.11.20 and 1.3.x before 1.3.0.5 does not properly restrict access t...
Amazon Linux: Security Advisory (ALAS-2013-184)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux AMI : 389-ds-base (ALAS-2013-184)
It was found that the 389 Directory Server did not properly restrict access to entries when the 'nsslapd-allow-anonymous-access' configuration setting was set to 'rootdse'. An anonymous user could connect to the LDAP database and, if the search scope is set to BASE, obtain access to information...
Fedora 17 : 389-ds-base-1.2.11.21-1.fc17 (2013-5349)
Here is where you give an explanation of your update. This release fixes 7 critical bugs including one security bug. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format...
Fedora Update for 389-ds-base FEDORA-2013-5349
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2013-1897
The dosearch function in ldap/servers/slapd/search.c in 389 Directory Server 1.2.x before 1.2.11.20 and 1.3.x before 1.3.0.5 does not properly restrict access to entries when the nsslapd-allow-anonymous-access configuration is set to rootdse and the BASE search scope is used, which allows remote...
CVE-2013-1897
CVE-2013-1897 affects 389-ds-base (389 Directory Server) prior to 1.2.11.20 and 1.3.x prior to 1.3.0.5. The do_search in ldap/servers/slapd/search.c fails to restrict anonymous access when nsslapd-allow-anonymous-access is rootdse and the BASE scope is used, enabling remote attackers to view info...
RedHat Update for 389-ds-base RHSA-2013:0742-01
Check for the Version of 389-ds-base OpenVAS Vulnerability Test RedHat Update for 389-ds-base RHSA-2013:0742-01 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it und...
RedHat Update for 389-ds-base RHSA-2013:0742-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS Update for 389-ds-base CESA-2013:0742 centos6
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scripttagname:"affected",...
Low: 389-ds-base
Issue Overview: It was found that the 389 Directory Server did not properly restrict access to entries when the "nsslapd-allow-anonymous-access" configuration setting was set to "rootdse". An anonymous user could connect to the LDAP database and, if the search scope is set to BASE, obtain access ...
RHEL 6 : 389-ds-base (RHSA-2013:0742)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2013:0742 advisory. The 389 Directory Server is an LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server and...
Fedora Update for freeipa FEDORA-2013-4460
Check for the Version of freeipa OpenVAS Vulnerability Test Fedora Update for freeipa FEDORA-2013-4460 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Fedora 18 : freeipa-3.1.3-4.fc18 (2013-4460)
Update to upstream 3.1.3. Add fix for CVE-2013-0336 389-ds-base: DoS when connecting with a missing username/dn Add fix for CVE-2013-1897: unintended information exposure when nsslapd-allow-anonymous-access is set to rootdse Note that Tenable Network Security has extracted the preceding descripti...
Fedora Update for 389-ds-base FEDORA-2013-4578
Check for the Version of 389-ds-base OpenVAS Vulnerability Test Fedora Update for 389-ds-base FEDORA-2013-4578 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...
Security fix for the ALT Linux 8 package freeipa version 3.1.99-3
April 2, 2013 Martin Kosek &[email protected] - 3.1.99-3 - Require 389-base-base = 1.3.0.5 to pull the following fixes: - upgrade deadlock caused by DNA plugin reconfiguration - CVE-2013-1897: unintended information exposure when nsslapd-allow-anonymous-access is set to rootdse...