4 matches found
RHEL 7 : 389-ds-base (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - 389-ds-base: replication and the Retro Changelog plugin store plaintext password by default CVE-2018-10871 Note tha...
openSUSE Security Update : 389-ds (openSUSE-2021-868)
This update for 389-ds fixes the following issues : - CVE-2021-3514: Fixed a syncrepl NULL pointer dereference in synccreatestatecontrol bsc1185356 389-ds was updated to version 1.4.3.23git0.f53d0132b : Bump version to 1.4.3.23 : - Issue 4725 - RFE DS - Update the password policy to support a...
389-ds-base: replication and the Retro Changelog plugin store plaintext password by default
By default, when the Replica and/or retroChangeLog plugins are enabled, 389-ds-base stores passwords in plaintext format in their respective changelog files. An attacker with sufficiently high privileges, such as root or Directory Manager, can query these files in order to retrieve plaintext...
389-ds-base security, bug fix, and enhancement update
1.3.8.4-15 - Bump version to 1.3.8.4-15 - Resolves: Bug 1624004 - Fix regression in last patch 1.3.8.4-14 - Bump version to 1.3.8.4-14 - Resolves: Bug 1624004 - potential denial of service attack 1.3.8.4-13 - Bump version to 1.3.8.4-13 - Resolves: Bug 1623949 - Crash in deletepasswdPolicy when...