389 Directory Server@1.2.11.15 Security Vulnerabilities and Issues — 389 Directory Server@1.2.11.15 CVE List

Lucene search

Fedoraproject389 Directory Server1.2.11.15

4 matches found

CVE•added 2014/08/21 2:55 p.m.•87 views

CVE-2014-3562

Red Hat Directory Server 8 and 389 Directory Server, when debugging is enabled, allows remote attackers to obtain sensitive replicated metadata by searching the directory.

5CVSS6.2AI score0.00307EPSS

CVE•added 2013/11/23 11:55 a.m.•61 views

CVE-2013-4485

389 Directory Server 1.2.11.15 (aka Red Hat Directory Server before 8.2.11-14) allows remote authenticated users to cause a denial of service (crash) via multiple @ characters in a GER attribute list in a search request.

4CVSS6AI score0.00422EPSS

CVE•added 2013/05/13 11:55 p.m.•53 views

CVE-2013-1897

The do_search function in ldap/servers/slapd/search.c in 389 Directory Server 1.2.x before 1.2.11.20 and 1.3.x before 1.3.0.5 does not properly restrict access to entries when the nsslapd-allow-anonymous-access configuration is set to rootdse and the BASE search scope is used, which allows remote a...

2.6CVSS5.8AI score0.0041EPSS

CVE•added 2014/03/18 5:2 p.m.•47 views

CVE-2014-0132

The SASL authentication functionality in 389 Directory Server before 1.2.11.26 allows remote authenticated users to connect as an arbitrary user and gain privileges via the authzid parameter in a SASL/GSSAPI bind.

6.5CVSS6.5AI score0.00573EPSS