22 matches found
Oracle Linux 8 : 389-ds:1.4 (ELSA-2019-3401)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-3401 advisory. - In 389-ds-base up to version 1.4.1.2, requests are handled by workers threads. Each sockets will be waited by the worker for at most 'ioblocktimeout'...
Debian dla-3399 : 389-ds - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3399 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3399-1 [email protected]...
[SECURITY] [DLA 3399-1] 389-ds-base security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3399-1 [email protected] https://www.debian.org/lts/security/ Anton Gladky April 24, 2023 https://wiki.debian.org/LTS -...
Huawei EulerOS: Security Advisory for 389-ds-base (EulerOS-SA-2021-1280)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP2 : 389-ds-base (EulerOS-SA-2021-1280)
According to the version of the 389-ds-base packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to display attribute values. In some...
Huawei EulerOS: Security Advisory for 389-ds-base (EulerOS-SA-2020-2539)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 8 : 389-ds:1.4 (RHSA-2020:0464)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0464 advisory. 389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server an...
Important: Red Hat Security Advisory: 389-ds:1.4 security update
An update for the 389-ds:1.4 module is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Amazon Linux 2 : 389-ds-base (ALAS-2020-1381)
The version of 389-ds-base installed on the remote host is prior to 1.3.9.1-12. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2020-1381 advisory. A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to display attribute values...
NewStart CGSL CORE 5.05 / MAIN 5.05 : 389-ds-base Vulnerability (NS-SA-2020-0003)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has 389-ds-base packages installed that are affected by a vulnerability: - A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to display attribute values. In some configurations, th...
Important: 389-ds-base
Issue Overview: A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to display attribute values. In some configurations, this could allow an authenticated attacker to view private attributes, such as password hashes. CVE-2019-14824 Affected Packages:...
Virtuozzo 7 : 389-ds-base / 389-ds-base-devel / 389-ds-base-libs / etc (VZLSA-2019-3981)
An update for 389-ds-base is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...
389 security update
CentOS Errata and Security Advisory CESA-2019:3981 An update for 389-ds-base is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
Oracle Linux 7 : 389-ds-base (ELSA-2019-3981)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-3981 advisory. - Resolves: Bug 1748198 - EMBARGOED CVE-2019-14824 389-ds-base: Read permission check bypass via the deref plugin Tenable has extracted the preceding descriptio...
Debian: Security Advisory (DLA-2004-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2004-1] 389-ds-base security update
Package : 389-ds-base Version : 1.3.3.5-4+deb8u7 CVE ID : CVE-2019-14824 Debian Bug : 944150 A flaw was found in the deref plugin of 389-ds-base where it could use the search permission to display attribute values. In some configurations, this could allow an authenticated attacker to view private...
RHEL 7 : 389-ds-base (RHSA-2019:3981)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:3981 advisory. 389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server an...
Security fix for the ALT Linux 8 package 389-ds-base version 1.3.9.1-alt1.gitb6ba77876
1.3.9.1-alt1.gitb6ba77876 built Nov. 15, 2019 Stanislav Levin in task 240814 Nov. 14, 2019 Stanislav Levin - 1.3.9.0 - 1.3.9.1. - Applied upstream fixes fixes: CVE-2019-14824...
CVE-2019-14824
A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to display attribute values. In some configurations, this could allow an authenticated attacker to view private attributes, such as password hashes...
RHEL 8 : 389-ds:1.4 (RHSA-2019:3401)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3401 advisory. 389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP...