389 Directory Server@1.2.11.1 Security Vulnerabilities and Issues — 389 Directory Server@1.2.11.1 CVE List

Lucene search

Fedoraproject389 Directory Server1.2.11.1

5 matches found

CVE•added 2014/08/21 2:55 p.m.•87 views

CVE-2014-3562

Red Hat Directory Server 8 and 389 Directory Server, when debugging is enabled, allows remote attackers to obtain sensitive replicated metadata by searching the directory.

5CVSS6.2AI score0.00307EPSS

CVE•added 2012/07/03 4:40 p.m.•56 views

CVE-2012-2678

389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server before 8.2.10-3), after the password for a LDAP user has been changed and before the server has been reset, allows remote attackers to read the plaintext password via the unhashed#user#password attribute.

1.2CVSS6.6AI score0.00238EPSS

CVE•added 2013/05/13 11:55 p.m.•53 views

CVE-2013-1897

The do_search function in ldap/servers/slapd/search.c in 389 Directory Server 1.2.x before 1.2.11.20 and 1.3.x before 1.3.0.5 does not properly restrict access to entries when the nsslapd-allow-anonymous-access configuration is set to rootdse and the BASE search scope is used, which allows remote a...

2.6CVSS5.8AI score0.0041EPSS

CVE•added 2012/07/03 4:40 p.m.•47 views

CVE-2012-2746

389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server before 8.2.10-3), when the password of a LDAP user has been changed and audit logging is enabled, saves the new password to the log in plain text, which allows remote authenticated users to read the password.

2.1CVSS6.2AI score0.00509EPSS

CVE•added 2014/03/18 5:2 p.m.•47 views

CVE-2014-0132

The SASL authentication functionality in 389 Directory Server before 1.2.11.26 allows remote authenticated users to connect as an arbitrary user and gain privileges via the authzid parameter in a SASL/GSSAPI bind.

6.5CVSS6.5AI score0.00573EPSS