EUVD-2021-26832

Malware in sbrugna...

RHEL 8 : redhat-ds:11 (RHSA-2022:8886)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:8886 advisory. Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol LDAP serve...

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM : 389 Directory Server vulnerabilities (USN-5231-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5231-1 advisory. It was discovered that 389 Directory Server presented to users, during authentication, an error message which could be used to...

Moderate: Red Hat Security Advisory: 389-ds:1.4 security update

An update for the 389-ds:1.4 module is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

RHEL 9 : 389-ds-base (RHSA-2022:8162)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:8162 advisory. 389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP...

389-ds-base security, bug fix, and enhancement update

An update is available for 389-ds-base. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list 389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The ba...

ALSA-2022:8162 Moderate: 389-ds-base security, bug fix, and enhancement update

389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server and command-line utilities for server administration. The following packages have been upgraded to a later upstream version: 389-ds-base 2.1.3...

Scientific Linux Security Update : 389-ds-base on SL7.x x86_64 (2022:7087)

The remote Scientific Linux 7 host has packages installed that are affected by a vulnerability as referenced in the SLSA-2022:7087-1 advisory. - 389-ds-base: SIGSEGV in syncrepl CVE-2022-2850 Note that Nessus has not tested for this issue but has instead relied only on the application's...

389-ds:1.4 security update

1.4.3.28-8 - Bump version to 1.4.3.28-8 - Resolves: Bug 2131743 - SIGSEGV in syncrepl...

389-ds:1.4 security update

An update is available for 389-ds-base. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list 389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The ba...

RHEL 8 : 389-ds:1.4 (RHSA-2021:2796)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:2796 advisory. 389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server an...

openSUSE: Security Advisory for 389-ds (openSUSE-SU-2021:0868-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security update for 389-ds (moderate)

openSUSE Security Update: Security update for 389-ds Announcement ID: openSUSE-SU-2021:0868-1 Rating: moderate References: 1185356 Cross-References: CVE-2021-3514 CVSS scores: CVE-2021-3514 NVD : 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Leap 15.2 An update that...

openSUSE Security Update : 389-ds (openSUSE-2021-868)

This update for 389-ds fixes the following issues : - CVE-2021-3514: Fixed a syncrepl NULL pointer dereference in synccreatestatecontrol bsc1185356 389-ds was updated to version 1.4.3.23git0.f53d0132b : Bump version to 1.4.3.23 : - Issue 4725 - RFE DS - Update the password policy to support a...

CVE-2021-3514

When using a syncrepl client in 389-ds-base, an authenticated attacker can cause a NULL pointer dereference using a specially crafted query, causing a crash...

CVE-2021-3514

When using a syncrepl client in 389-ds-base, an authenticated attacker can cause a NULL pointer dereference using a specially crafted query, causing a crash...

Null pointer dereference

When using a syncrepl client in 389-ds-base, an authenticated attacker can cause a NULL pointer dereference using a specially crafted query, causing a crash...

CVE-2021-3514

In 389-ds-base, the vulnerability CVE-2021-3514 is triggered when using a sync_repl client: an authenticated attacker can send a specially crafted query that results in a NULL pointer dereference, causing a crash (denial of service). Several connected advisories reference this flaw and note a rel...

CVE-2021-3514

When using a syncrepl client in 389-ds-base, an authenticated attacker can cause a NULL pointer dereference using a specially crafted query, causing a crash...

CVE-2021-3514

When using a syncrepl client in 389-ds-base, an authenticated attacker can cause a NULL pointer dereference using a specially crafted query, causing a crash...