Vulmon
fedoraproject 389 directory server vulnerabilities and exploits
VMScore: 445
CVE-2013-0312
389 Directory Server prior to 1.3.0.4 allows remote malicious users to cause a denial of service (crash) via a zero length LDAP control sequence.
Fedoraproject 389 Directory Server
VMScore: 445
CVE-2010-4746
Multiple memory leaks in the normalization functionality in 389 Directory Server prior to 1.2.7.5 allow remote malicious users to cause a denial of service (memory consumption) via "badly behaved applications," related to (1) Slapi_Attr mishandling in the DN normalizati...
Fedoraproject 389 Directory Server 1.2.6
Fedoraproject 389 Directory Server 1.2.5
Fedoraproject 389 Directory Server
Fedoraproject 389 Directory Server 1.2.3
Fedoraproject 389 Directory Server 1.2.2
Fedoraproject 389 Directory Server 1.2.6.1
Fedoraproject 389 Directory Server 1.2.1
VMScore: 445
CVE-2011-1067
slapd (aka ns-slapd) in 389 Directory Server prior to 1.2.8.a2 does not properly manage the c_timelimit field of the connection table element, which allows remote malicious users to cause a denial of service (daemon outage) via Simple Paged Results connections, as demonstrated by...
Fedoraproject 389 Directory Server 1.2.6
Fedoraproject 389 Directory Server 1.2.6.1
Fedoraproject 389 Directory Server 1.2.5
Fedoraproject 389 Directory Server
Fedoraproject 389 Directory Server 1.2.7
Fedoraproject 389 Directory Server 1.2.7.5
Fedoraproject 389 Directory Server 1.2.1
Fedoraproject 389 Directory Server 1.2.2
Fedoraproject 389 Directory Server 1.2.3
VMScore: 418
CVE-2011-0022
The setup scripts in 389 Directory Server 1.2.x (aka Red Hat Directory Server 8.2.x), when multiple unprivileged instances are configured, use 0777 permissions for the /var/run/dirsrv directory, which allows local users to cause a denial of service (daemon outage or arbitrary pro...
Fedoraproject 389 Directory Server 1.2.6
Fedoraproject 389 Directory Server 1.2.5
Fedoraproject 389 Directory Server 1.2.1
Fedoraproject 389 Directory Server 1.2.8
Fedoraproject 389 Directory Server 1.2.3
Fedoraproject 389 Directory Server 1.2.7
Fedoraproject 389 Directory Server 1.2.7.5
Fedoraproject 389 Directory Server 1.2.6.1
Fedoraproject 389 Directory Server 1.2.2
Redhat Directory Server 8.2.3
Redhat Directory Server 8.2
VMScore: 383
CVE-2011-0704
389 Directory Server 1.2.7.5, when built with mozldap, allows remote malicious users to cause a denial of service (replica crash) by sending an empty modify request.
Fedoraproject 389 Directory Server 1.2.7.5
VMScore: 356
CVE-2022-0996
A vulnerability was found in the 389 Directory Server that allows expired passwords to access the database to cause improper authentication.
Redhat 389 Directory Server 1.4.0.0
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Redhat Enterprise Linux 8.0
1 Github repository
VMScore: 356
CVE-2018-10871
389-ds-base prior to 1.3.8.5, 1.4.0.12 is vulnerable to a Cleartext Storage of Sensitive Information. By default, when the Replica and/or retroChangeLog plugins are enabled, 389-ds-base stores passwords in plaintext format in their respective changelog files. An attacker with suf...
Fedoraproject 389 Directory Server
Debian Debian Linux 8.0
VMScore: 356
CVE-2013-4485
389 Directory Server 1.2.11.15 (aka Red Hat Directory Server prior to 8.2.11-14) allows remote authenticated users to cause a denial of service (crash) via multiple @ characters in a GER attribute list in a search request.
Redhat Enterprise Linux 6.0
Fedoraproject 389 Directory Server 1.2.11.15
Redhat Directory Server
Redhat Directory Server 8.1
Redhat Directory Server 8.0
Redhat Directory Server 7.1
VMScore: 312
CVE-2019-14824
A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to display attribute values. In some configurations, this could allow an authenticated malicious user to view private attributes, such as password hashes.
Fedoraproject 389 Directory Server -
Redhat Enterprise Linux 7.0
Debian Debian Linux 8.0
VMScore: 205
CVE-2012-0833
The acllas__handle_group_entry function in servers/plugins/acl/acllas.c in 389 Directory Server prior to 1.2.10 does not properly handle access control instructions (ACIs) that use certificate groups, which allows remote authenticated LDAP users with a certificate group to cause...
Fedoraproject 389 Directory Server 1.2.6
Fedoraproject 389 Directory Server 1.2.6.1
Fedoraproject 389 Directory Server 1.2.8
Fedoraproject 389 Directory Server 1.2.7.5
Fedoraproject 389 Directory Server 1.2.1
Fedoraproject 389 Directory Server 1.2.7
Fedoraproject 389 Directory Server 1.2.2
Fedoraproject 389 Directory Server 1.2.5
Fedoraproject 389 Directory Server
Fedoraproject 389 Directory Server 1.2.8.2
Fedoraproject 389 Directory Server 1.2.8.3
Fedoraproject 389 Directory Server 1.2.9.9
Fedoraproject 389 Directory Server 1.2.10
Fedoraproject 389 Directory Server 1.2.3
Fedoraproject 389 Directory Server 1.2.8.1
1 Github repository