Red Hat Directory Server vulnerabilities and exploits
VMScore: 668
CVE-2011-0019
slapd (aka ns-slapd) in 389 Directory Server 1.2.7.5 (aka Red Hat Directory Server 8.2.x or dirsrv) does not properly handle simple paged result searches, which allows remote malicious users to cause a denial of service (daemon crash) or possibly have unspecified other impact via...
Fedoraproject 389 Directory Server 1.2.7.5
Redhat Directory Server 8.2
Redhat Directory Server 8.2.3
VMScore: 445
CVE-2020-35518
When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be used by an unauthenticated malicious user to check the existence of an entry in the LDAP database.
Redhat 389 Directory Server
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Redhat Directory Server 11.0
VMScore: 409
CVE-2008-0890
Red Hat Directory Server 7.1 before SP4 uses insecure permissions for certain directories, which allows local users to modify JAR files and execute arbitrary code via unknown vectors.
Redhat Directory Server
VMScore: 187
CVE-2012-2746
389 Directory Server prior to 1.2.11.6 (aka Red Hat Directory Server prior to 8.2.10-3), when the password of a LDAP user has been changed and audit logging is enabled, saves the new password to the log in plain text, which allows remote authenticated users to read the password.
Redhat Directory Server
Redhat Directory Server 8.1
Redhat Directory Server 7.1
Redhat Directory Server 8.0
Fedoraproject 389 Directory Server 1.2.5
Fedoraproject 389 Directory Server 1.2.3
Fedoraproject 389 Directory Server 1.2.8
Fedoraproject 389 Directory Server 1.2.9.9
Fedoraproject 389 Directory Server 1.2.8.3
Fedoraproject 389 Directory Server 1.2.6
Fedoraproject 389 Directory Server
Fedoraproject 389 Directory Server 1.2.8.2
Fedoraproject 389 Directory Server 1.2.7.5
Fedoraproject 389 Directory Server 1.2.1
Fedoraproject 389 Directory Server 1.2.2
Fedoraproject 389 Directory Server 1.2.10.1
Fedoraproject 389 Directory Server 1.2.10
Fedoraproject 389 Directory Server 1.2.6.1
Fedoraproject 389 Directory Server 1.2.10.3
Fedoraproject 389 Directory Server 1.2.11.1
Fedoraproject 389 Directory Server 1.2.10.4
Fedoraproject 389 Directory Server 1.2.10.7
VMScore: 107
CVE-2012-2678
389 Directory Server prior to 1.2.11.6 (aka Red Hat Directory Server prior to 8.2.10-3), after the password for a LDAP user has been changed and before the server has been reset, allows remote malicious users to read the plaintext password via the unhashed#user#password attribute...
Redhat Directory Server
Redhat Directory Server 8.1
Redhat Directory Server 7.1
Redhat Directory Server 8.0
Fedoraproject 389 Directory Server 1.2.5
Fedoraproject 389 Directory Server 1.2.3
Fedoraproject 389 Directory Server 1.2.8
Fedoraproject 389 Directory Server 1.2.9.9
Fedoraproject 389 Directory Server 1.2.8.3
Fedoraproject 389 Directory Server 1.2.6
Fedoraproject 389 Directory Server
Fedoraproject 389 Directory Server 1.2.8.2
Fedoraproject 389 Directory Server 1.2.7.5
Fedoraproject 389 Directory Server 1.2.1
Fedoraproject 389 Directory Server 1.2.2
Fedoraproject 389 Directory Server 1.2.10.1
Fedoraproject 389 Directory Server 1.2.10
Fedoraproject 389 Directory Server 1.2.6.1
Fedoraproject 389 Directory Server 1.2.10.3
Fedoraproject 389 Directory Server 1.2.11.1
Fedoraproject 389 Directory Server 1.2.10.4
Fedoraproject 389 Directory Server 1.2.10.7
VMScore: 445
CVE-2022-1949
An access control bypass vulnerability was found in 389-ds-base. The flaw was first seen as mishandling of the filter that would yield incorrect results, but as analysis progressed it was determined to be an access control bypass. This may allow any remote unauthenticated user to issue a fi...
Port389 389-ds-base
Redhat Enterprise Linux 8.0
Redhat Directory Server 11.0
Redhat Enterprise Linux 9.0
Redhat Directory Server 12.0
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
VMScore: 356
CVE-2021-3514
When using a sync_repl client in 389-ds-base, an authenticated attacker can cause a NULL pointer dereference using a specially crafted query, causing a crash.
Redhat 389 Directory Server -
VMScore: 356
CVE-2018-10935
A flaw was found in the 389 Directory Server that allows users to cause a crash in the LDAP server using ldapsearch with server side sort.
Redhat 389 Directory Server
VMScore: 187
CVE-2008-0889
Red Hat Directory Server 8.0, when running on Red Hat Enterprise Linux, uses insecure permissions for the redhat-idm-console script, which allows local users to execute arbitrary code by modifying the script.
Redhat Directory Server 8.0
VMScore: 668
CVE-2008-0893
Red Hat Administration Server, as used by Red Hat Directory Server 8.0 EL4 and EL5, does not properly restrict access to CGI scripts, which allows remote malicious users to perform administrative actions.
Redhat Directory Server 8.0