Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject 389 directory server vulnerabilities and exploits
(subscribe to this query)
187
VMScore
CVE-2019-10224
A flaw has been found in 389-ds-base versions 1.4.x.x prior to 1.4.1.3. When executed in verbose mode, the dscreate and dsconf commands may display sensitive information, such as the Directory Manager password. An attacker, able to see the screen or record the terminal standard e...
Fedoraproject 389 Directory Server
445
VMScore
CVE-2013-0312
389 Directory Server prior to 1.3.0.4 allows remote malicious users to cause a denial of service (crash) via a zero length LDAP control sequence.
Fedoraproject 389 Directory Server
534
VMScore
CVE-2012-4450
389 Directory Server 1.2.10 does not properly update the ACL when a DN entry is moved by a modrdn operation, which allows remote authenticated users with certain permissions to bypass ACL restrictions and access the DN entry.
Fedoraproject 389 Directory Server 1.2.10
383
VMScore
CVE-2011-0704
389 Directory Server 1.2.7.5, when built with mozldap, allows remote malicious users to cause a denial of service (replica crash) by sending an empty modify request.
Fedoraproject 389 Directory Server 1.2.7.5
668
VMScore
CVE-2011-0019
slapd (aka ns-slapd) in 389 Directory Server 1.2.7.5 (aka Red Hat Directory Server 8.2.x or dirsrv) does not properly handle simple paged result searches, which allows remote malicious users to cause a denial of service (daemon crash) or possibly have unspecified other impact via...
Fedoraproject 389 Directory Server 1.2.7.5
Redhat Directory Server 8.2.3
Redhat Directory Server 8.2
169
VMScore
CVE-2010-3282
389 Directory Server prior to 1.2.7.1 (aka Red Hat Directory Server 8.2) and HP-UX Directory Server before B.08.10.03, when audit logging is enabled, logs the Directory Manager password (nsslapd-rootpw) in cleartext when changing cn=config:nsslapd-rootpw, which might allow local ...
Hp Hp-ux Directory Server
Redhat Redhat Directory Server
Fedoraproject 389 Directory Server
Redhat Directory Server 8.0
356
VMScore
CVE-2018-10871
389-ds-base prior to 1.3.8.5, 1.4.0.12 is vulnerable to a Cleartext Storage of Sensitive Information. By default, when the Replica and/or retroChangeLog plugins are enabled, 389-ds-base stores passwords in plaintext format in their respective changelog files. An attacker with suf...
Fedoraproject 389 Directory Server
Debian Debian Linux 8.0
694
VMScore
CVE-2019-10171
It was found that the fix for CVE-2018-14648 in 389-ds-base, versions 1.4.0.x prior to 1.4.0.17, was incorrectly applied in RHEL 7.5. An attacker would still be able to provoke excessive CPU consumption leading to a denial of service.
Fedoraproject 389 Directory Server
Redhat Enterprise Linux Server Eus 7.5
356
VMScore
CVE-2013-4485
389 Directory Server 1.2.11.15 (aka Red Hat Directory Server prior to 8.2.11-14) allows remote authenticated users to cause a denial of service (crash) via multiple @ characters in a GER attribute list in a search request.
Redhat Enterprise Linux 6.0
Fedoraproject 389 Directory Server 1.2.11.15
Redhat Directory Server
Redhat Directory Server 8.1
Redhat Directory Server 8.0
Redhat Directory Server 7.1
312
VMScore
CVE-2019-14824
A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to display attribute values. In some configurations, this could allow an authenticated malicious user to view private attributes, such as password hashes.
Fedoraproject 389 Directory Server -
Redhat Enterprise Linux 7.0
Debian Debian Linux 8.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-35000
CVE-2024-4439
unauthorized
CVE-2024-0042
CVE-2024-31848
CVE-2023-40694
cache poisoning
CVE-2024-23707
firmware
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »