11 matches found
Mageia: Security Advisory (MGASA-2015-0108)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle: Security Advisory (ELSA-2015-0416)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 22 : 389-ds-base-1.3.3.9-1.fc22 (2015-3368)
Release 1.3.3.9 with security bug fixes Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL...
Important: 389-ds-base
Issue Overview: An information disclosure flaw was found in the way the 389 Directory Server stored information in the Changelog that is exposed via the 'cn=changelog' LDAP sub-tree. An unauthenticated user could in certain cases use this flaw to read data from the Changelog, which could include...
CVE-2014-8112
389 Directory Server 1.3.1.x, 1.3.2.x before 1.3.2.27, and 1.3.3.x before 1.3.3.9 stores "unhashed" passwords even when the nsslapd-unhashed-pw-switch option is set to off, which allows remote authenticated users to obtain sensitive information by reading the Changelog...
CVE-2014-8112
389 Directory Server 1.3.1.x, 1.3.2.x before 1.3.2.27, and 1.3.3.x before 1.3.3.9 stores "unhashed" passwords even when the nsslapd-unhashed-pw-switch option is set to off, which allows remote authenticated users to obtain sensitive information by reading the Changelog...
DEBIAN-CVE-2014-8112
389 Directory Server 1.3.1.x, 1.3.2.x before 1.3.2.27, and 1.3.3.x before 1.3.3.9 stores "unhashed" passwords even when the nsslapd-unhashed-pw-switch option is set to off, which allows remote authenticated users to obtain sensitive information by reading the Changelog...
CVE-2014-8112
389 Directory Server 1.3.1.x, 1.3.2.x before 1.3.2.27, and 1.3.3.x before 1.3.3.9 stores "unhashed" passwords even when the nsslapd-unhashed-pw-switch option is set to off, which allows remote authenticated users to obtain sensitive information by reading the Changelog...
CVE-2014-8112
389-ds-base (389 Directory Server) is affected: for 1.3.2.x prior to 1.3.2.27 and 1.3.3.x prior to 1.3.3.9, unhashed passwords can be written to the Changelog when nsslapd-unhashed-pw-switch is off, enabling read access to sensitive data by a remote authenticated user. The connected advisories in...
389-ds-base security, bug fix, and enhancement update
1.3.3.1-13 - release 1.3.3.1-13 - Resolves: bug 1183655 - Fixed Covscan FORWARDNULL defects DS 47988 1.3.3.1-12 - release 1.3.3.1-12 - Resolves: bug 1182477 - Windows Sync accidentally cleared rawentry DS 47989 - Resolves: bug 1180325 - upgrade script fails if /etc and /var are on different file...
RHEL 7 : 389-ds-base (RHSA-2015:0416)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2015:0416 advisory. The 389 Directory Server is an LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server and...