Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject 389 directory server vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2019-10224
A flaw has been found in 389-ds-base versions 1.4.x.x prior to 1.4.1.3. When executed in verbose mode, the dscreate and dsconf commands may display sensitive information, such as the Directory Manager password. An attacker, able to see the screen or record the terminal standard e...
Fedoraproject 389 Directory Server
5
CVSSv2
CVE-2013-0312
389 Directory Server prior to 1.3.0.4 allows remote malicious users to cause a denial of service (crash) via a zero length LDAP control sequence.
Fedoraproject 389 Directory Server
4.3
CVSSv2
CVE-2011-0704
389 Directory Server 1.2.7.5, when built with mozldap, allows remote malicious users to cause a denial of service (replica crash) by sending an empty modify request.
Fedoraproject 389 Directory Server 1.2.7.5
6
CVSSv2
CVE-2012-4450
389 Directory Server 1.2.10 does not properly update the ACL when a DN entry is moved by a modrdn operation, which allows remote authenticated users with certain permissions to bypass ACL restrictions and access the DN entry.
Fedoraproject 389 Directory Server 1.2.10
7.5
CVSSv2
CVE-2011-0019
slapd (aka ns-slapd) in 389 Directory Server 1.2.7.5 (aka Red Hat Directory Server 8.2.x or dirsrv) does not properly handle simple paged result searches, which allows remote malicious users to cause a denial of service (daemon crash) or possibly have unspecified other impact via...
Fedoraproject 389 Directory Server 1.2.7.5
Redhat Directory Server 8.2.3
Redhat Directory Server 8.2
1.9
CVSSv2
CVE-2010-3282
389 Directory Server prior to 1.2.7.1 (aka Red Hat Directory Server 8.2) and HP-UX Directory Server before B.08.10.03, when audit logging is enabled, logs the Directory Manager password (nsslapd-rootpw) in cleartext when changing cn=config:nsslapd-rootpw, which might allow local ...
Hp Hp-ux Directory Server
Redhat Redhat Directory Server
Fedoraproject 389 Directory Server
Redhat Directory Server 8.0
4
CVSSv2
CVE-2018-10871
389-ds-base prior to 1.3.8.5, 1.4.0.12 is vulnerable to a Cleartext Storage of Sensitive Information. By default, when the Replica and/or retroChangeLog plugins are enabled, 389-ds-base stores passwords in plaintext format in their respective changelog files. An attacker with suf...
Fedoraproject 389 Directory Server
Debian Debian Linux 8.0
7.8
CVSSv2
CVE-2019-10171
It was found that the fix for CVE-2018-14648 in 389-ds-base, versions 1.4.0.x prior to 1.4.0.17, was incorrectly applied in RHEL 7.5. An attacker would still be able to provoke excessive CPU consumption leading to a denial of service.
Fedoraproject 389 Directory Server
Redhat Enterprise Linux Server Eus 7.5
4
CVSSv2
CVE-2013-4485
389 Directory Server 1.2.11.15 (aka Red Hat Directory Server prior to 8.2.11-14) allows remote authenticated users to cause a denial of service (crash) via multiple @ characters in a GER attribute list in a search request.
Redhat Enterprise Linux 6.0
Fedoraproject 389 Directory Server 1.2.11.15
Redhat Directory Server
Redhat Directory Server 8.1
Redhat Directory Server 8.0
Redhat Directory Server 7.1
5
CVSSv2
CVE-2019-3883
In 389-ds-base up to version 1.4.1.2, requests are handled by workers threads. Each sockets will be waited by the worker for at most 'ioblocktimeout' seconds. However this timeout applies only for un-encrypted requests. Connections using SSL/TLS are not taking this time...
Fedoraproject 389 Directory Server
Debian Debian Linux 8.0
Redhat Enterprise Linux 6.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »