389 Directory Server Security Vulnerabilities and Issues — 389 Directory Server CVE List

Lucene search

Fedoraproject389 Directory Server

5 matches found

CVE•added 2013/11/23 11:55 a.m.•61 views

CVE-2013-4485

389 Directory Server 1.2.11.15 (aka Red Hat Directory Server before 8.2.11-14) allows remote authenticated users to cause a denial of service (crash) via multiple @ characters in a GER attribute list in a search request.

4CVSS6AI score0.00422EPSS

CVE•added 2013/07/31 1:20 p.m.•58 views

CVE-2013-2219

The Red Hat Directory Server before 8.2.11-13 and 389 Directory Server do not properly restrict access to entity attributes, which allows remote authenticated users to obtain sensitive information via a search query for the attribute.

4CVSS5.6AI score0.00173EPSS

CVE•added 2013/05/13 11:55 p.m.•53 views

CVE-2013-1897

The do_search function in ldap/servers/slapd/search.c in 389 Directory Server 1.2.x before 1.2.11.20 and 1.3.x before 1.3.0.5 does not properly restrict access to entries when the nsslapd-allow-anonymous-access configuration is set to rootdse and the BASE search scope is used, which allows remote a...

2.6CVSS5.8AI score0.0041EPSS

CVE•added 2013/03/13 8:55 p.m.•51 views

CVE-2013-0312

389 Directory Server before 1.3.0.4 allows remote attackers to cause a denial of service (crash) via a zero length LDAP control sequence.

5CVSS6.3AI score0.01382EPSS

CVE•added 2013/09/10 7:55 p.m.•47 views

CVE-2013-4283

ns-slapd in 389 Directory Server before 1.3.0.8 allows remote attackers to cause a denial of service (server crash) via a crafted Distinguished Name (DN) in a MOD operation request.

5CVSS6.2AI score0.00755EPSS