Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

fedoraproject 389 directory server 1.2.6.1 vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2010-4746
Multiple memory leaks in the normalization functionality in 389 Directory Server prior to 1.2.7.5 allow remote malicious users to cause a denial of service (memory consumption) via "badly behaved applications," related to (1) Slapi_Attr mishandling in the DN normalizati...
Fedoraproject 389 Directory Server 1.2.6Fedoraproject 389 Directory Server 1.2.5Fedoraproject 389 Directory ServerFedoraproject 389 Directory Server 1.2.3Fedoraproject 389 Directory Server 1.2.2Fedoraproject 389 Directory Server 1.2.6.1Fedoraproject 389 Directory Server 1.2.1
NA
CVE-2011-1067
slapd (aka ns-slapd) in 389 Directory Server prior to 1.2.8.a2 does not properly manage the c_timelimit field of the connection table element, which allows remote malicious users to cause a denial of service (daemon outage) via Simple Paged Results connections, as demonstrated by...
Fedoraproject 389 Directory Server 1.2.6Fedoraproject 389 Directory Server 1.2.6.1Fedoraproject 389 Directory Server 1.2.5Fedoraproject 389 Directory ServerFedoraproject 389 Directory Server 1.2.7Fedoraproject 389 Directory Server 1.2.7.5Fedoraproject 389 Directory Server 1.2.1Fedoraproject 389 Directory Server 1.2.2Fedoraproject 389 Directory Server 1.2.3
NA
CVE-2011-0022
The setup scripts in 389 Directory Server 1.2.x (aka Red Hat Directory Server 8.2.x), when multiple unprivileged instances are configured, use 0777 permissions for the /var/run/dirsrv directory, which allows local users to cause a denial of service (daemon outage or arbitrary pro...
Fedoraproject 389 Directory Server 1.2.6Fedoraproject 389 Directory Server 1.2.5Fedoraproject 389 Directory Server 1.2.1Fedoraproject 389 Directory Server 1.2.8Fedoraproject 389 Directory Server 1.2.3Fedoraproject 389 Directory Server 1.2.7Fedoraproject 389 Directory Server 1.2.7.5Fedoraproject 389 Directory Server 1.2.6.1Fedoraproject 389 Directory Server 1.2.2Redhat Directory Server 8.2.3Redhat Directory Server 8.2
NA
CVE-2011-0532
The (1) backup and restore scripts, (2) main initialization script, and (3) ldap-agent script in 389 Directory Server 1.2.x (aka Red Hat Directory Server 8.2.x) place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan hor...
Fedoraproject 389 Directory Server 1.2.6.1Fedoraproject 389 Directory Server 1.2.6Fedoraproject 389 Directory Server 1.2.5Fedoraproject 389 Directory Server 1.2.2Fedoraproject 389 Directory Server 1.2.8Fedoraproject 389 Directory Server 1.2.7Fedoraproject 389 Directory Server 1.2.7.5Fedoraproject 389 Directory Server 1.2.1Fedoraproject 389 Directory Server 1.2.3Redhat Directory Server 8.2.3Redhat Directory Server 8.2
NA
CVE-2012-0833
The acllas__handle_group_entry function in servers/plugins/acl/acllas.c in 389 Directory Server prior to 1.2.10 does not properly handled access control instructions (ACIs) that use certificate groups, which allows remote authenticated LDAP users with a certificate group to cause...
Fedoraproject 389 Directory Server 1.2.6Fedoraproject 389 Directory Server 1.2.6.1Fedoraproject 389 Directory Server 1.2.8Fedoraproject 389 Directory Server 1.2.7.5Fedoraproject 389 Directory Server 1.2.1Fedoraproject 389 Directory Server 1.2.7Fedoraproject 389 Directory Server 1.2.2Fedoraproject 389 Directory Server 1.2.5Fedoraproject 389 Directory ServerFedoraproject 389 Directory Server 1.2.8.2Fedoraproject 389 Directory Server 1.2.8.3Fedoraproject 389 Directory Server 1.2.9.9Fedoraproject 389 Directory Server 1.2.10Fedoraproject 389 Directory Server 1.2.3Fedoraproject 389 Directory Server 1.2.8.1
NA
CVE-2012-2678
389 Directory Server prior to 1.2.11.6 (aka Red Hat Directory Server prior to 8.2.10-3), after the password for a LDAP user has been changed and before the server has been reset, allows remote malicious users to read the plaintext password via the unhashed#user#password attribute...
Redhat Directory Server 7.1Redhat Directory ServerRedhat Directory Server 8.1Redhat Directory Server 8.0Fedoraproject 389 Directory Server 1.2.6Fedoraproject 389 Directory Server 1.2.2Fedoraproject 389 Directory Server 1.2.3Fedoraproject 389 Directory Server 1.2.8Fedoraproject 389 Directory Server 1.2.8.1Fedoraproject 389 Directory Server 1.2.10.1Fedoraproject 389 Directory Server 1.2.10.2Fedoraproject 389 Directory Server 1.2.6.1Fedoraproject 389 Directory Server 1.2.5Fedoraproject 389 Directory Server 1.2.1Fedoraproject 389 Directory Server 1.2.10Fedoraproject 389 Directory ServerFedoraproject 389 Directory Server 1.2.7Fedoraproject 389 Directory Server 1.2.8.2Fedoraproject 389 Directory Server 1.2.10.3Fedoraproject 389 Directory Server 1.2.10.4Fedoraproject 389 Directory Server 1.2.7.5Fedoraproject 389 Directory Server 1.2.8.3
NA
CVE-2012-2746
389 Directory Server prior to 1.2.11.6 (aka Red Hat Directory Server prior to 8.2.10-3), when the password of a LDAP user has been changed and audit logging is enabled, saves the new password to the log in plain text, which allows remote authenticated users to read the password.
Redhat Directory Server 7.1Redhat Directory ServerRedhat Directory Server 8.1Redhat Directory Server 8.0Fedoraproject 389 Directory Server 1.2.7Fedoraproject 389 Directory Server 1.2.6Fedoraproject 389 Directory Server 1.2.3Fedoraproject 389 Directory Server 1.2.5Fedoraproject 389 Directory Server 1.2.8.1Fedoraproject 389 Directory Server 1.2.8Fedoraproject 389 Directory Server 1.2.10.2Fedoraproject 389 Directory Server 1.2.10.3Fedoraproject 389 Directory Server 1.2.2Fedoraproject 389 Directory Server 1.2.10Fedoraproject 389 Directory Server 1.2.10.1Fedoraproject 389 Directory Server 1.2.7.5Fedoraproject 389 Directory Server 1.2.8.2Fedoraproject 389 Directory Server 1.2.8.3Fedoraproject 389 Directory Server 1.2.10.4Fedoraproject 389 Directory Server 1.2.10.7Fedoraproject 389 Directory Server 1.2.6.1Fedoraproject 389 Directory Server 1.2.1
NA
CVE-2014-3562
Red Hat Directory Server 8 and 389 Directory Server, when debugging is enabled, allows remote malicious users to obtain sensitive replicated metadata by searching the directory.
Fedoraproject 389 Directory Server 1.3.0.3Fedoraproject 389 Directory Server 1.2.5Fedoraproject 389 Directory Server 1.2.3Fedoraproject 389 Directory Server 1.2.11.9Fedoraproject 389 Directory Server 1.3.0.7Fedoraproject 389 Directory Server 1.3.0.5Fedoraproject 389 Directory Server 1.2.8Fedoraproject 389 Directory Server 1.2.11.23Redhat Enterprise Linux 7.0Redhat Enterprise Linux 6.0Fedoraproject 389 Directory Server 1.2.9.9Fedoraproject 389 Directory Server 1.2.11.8Fedoraproject 389 Directory Server 1.2.8.3Fedoraproject 389 Directory Server 1.2.6Fedoraproject 389 Directory Server 1.2.10Fedoraproject 389 Directory Server 1.2.11.13Fedoraproject 389 Directory Server 1.2.8.2Fedoraproject 389 Directory Server 1.2.11.22Fedoraproject 389 Directory Server 1.3.0.8Fedoraproject 389 Directory Server 1.2.11.21Fedoraproject 389 Directory Server 1.3.0.4Fedoraproject 389 Directory Server 1.2.7.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654CVE-2024-2757authentication bypassCVE-2024-3194CVE-2024-33640CVE-2024-21111dosinsecure direct object referenceCVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook