Astra Linux – Vulnerability in the 389-DS-base

A flaw was discovered in the ‘deref’ plugin of 389-ds-base, where it could use the ‘search’ permission to display attribute values. In some configurations, this could allow an authenticated attacker to view private attributes, such as password hashes...

EUVD-2019-5952

Malware in sbrugna...

SUSE CVE-2019-14824

A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to display attribute values. In some configurations, this could allow an authenticated attacker to view private attributes, such as password hashes...

The vulnerability of the deref plugin of the 389 Directory Server service allows attackers to access confidential data.

The vulnerability of the deref plugin in the 389 Directory Server service is related to the improper assignment of permissions for critical resources. Exploiting this vulnerability allows a remote attacker to gain access to confidential data...

EulerOS 2.0 SP2 : 389-ds-base (EulerOS-SA-2021-1280)

According to the version of the 389-ds-base packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to display attribute values. In some...

Huawei EulerOS: Security Advisory for 389-ds-base (EulerOS-SA-2021-1058)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for 389-ds-base (EulerOS-SA-2020-2539)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP5 : 389-ds-base (EulerOS-SA-2020-2539)

According to the versions of the 389-ds-base packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - It was found that the fix for CVE-2018-14648 in 389-ds-base, versions 1.4.0.x before 1.4.0.17, was incorrectly applied in RHEL 7.5. An...

389-ds-base: Read permission check bypass via the deref plugin

A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to display attribute values. In some configurations, this could allow an authenticated attacker to view private attributes, such as password hashes...

Important: 389-ds-base

Issue Overview: A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to display attribute values. In some configurations, this could allow an authenticated attacker to view private attributes, such as password hashes. CVE-2019-14824 Affected Packages:...

Updated 389-ds-base packages fix security vulnerabilities

he updated packages fix security vulnerabilities and a packaging problem: An out-of-bounds memory read flaw was found in the way 389-ds-base handled certain LDAP search filters, affecting all versions including 1.4.x. A remote, unauthenticated attacker could potentially use this flaw to make...

Debian DLA-2004-1 : 389-ds-base security update

A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to display attribute values. In some configurations, this could allow an authenticated attacker to view private attributes, such as password hashes. For Debian 8 'Jessie', this problem has been fixed ...

[SECURITY] [DLA 2004-1] 389-ds-base security update

Package : 389-ds-base Version : 1.3.3.5-4+deb8u7 CVE ID : CVE-2019-14824 Debian Bug : 944150 A flaw was found in the deref plugin of 389-ds-base where it could use the search permission to display attribute values. In some configurations, this could allow an authenticated attacker to view private...

RHEL 7 : 389-ds-base (RHSA-2019:3981)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:3981 advisory. 389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server an...

389-ds-base: Read permission check bypass via the deref plugin

A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to display attribute values. In some configurations, this could allow an authenticated attacker to view private attributes, such as password hashes...

DEBIAN-CVE-2019-14824

A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to display attribute values. In some configurations, this could allow an authenticated attacker to view private attributes, such as password hashes...

CVE-2019-14824

A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to display attribute values. In some configurations, this could allow an authenticated attacker to view private attributes, such as password hashes...

CVE-2019-14824

A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to display attribute values. In some configurations, this could allow an authenticated attacker to view private attributes, such as password hashes...

Design/Logic Flaw

A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to display attribute values. In some configurations, this could allow an authenticated attacker to view private attributes, such as password hashes...

UBUNTU-CVE-2019-14824

A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to display attribute values. In some configurations, this could allow an authenticated attacker to view private attributes, such as password hashes...