Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject 389 directory server vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2018-10871
389-ds-base prior to 1.3.8.5, 1.4.0.12 is vulnerable to a Cleartext Storage of Sensitive Information. By default, when the Replica and/or retroChangeLog plugins are enabled, 389-ds-base stores passwords in plaintext format in their respective changelog files. An attacker with suf...
Fedoraproject 389 Directory Server
Debian Debian Linux 8.0
5.9
CVSSv3
CVE-2011-0704
389 Directory Server 1.2.7.5, when built with mozldap, allows remote malicious users to cause a denial of service (replica crash) by sending an empty modify request.
Fedoraproject 389 Directory Server 1.2.7.5
9.8
CVSSv3
CVE-2017-7551
389-ds-base version prior to 1.3.5.19 and 1.3.6.7 are vulnerable to password brute-force attacks during account lockout due to different return codes returned on password attempts.
Fedoraproject 389 Directory Server 1.3.6.7
Fedoraproject 389 Directory Server 1.3.5.19
NA
CVE-2014-3562
Red Hat Directory Server 8 and 389 Directory Server, when debugging is enabled, allows remote malicious users to obtain sensitive replicated metadata by searching the directory.
Fedoraproject 389 Directory Server 1.3.0.3
Fedoraproject 389 Directory Server 1.2.5
Fedoraproject 389 Directory Server 1.2.3
Fedoraproject 389 Directory Server 1.2.11.9
Fedoraproject 389 Directory Server 1.3.0.7
Fedoraproject 389 Directory Server 1.3.0.5
Fedoraproject 389 Directory Server 1.2.8
Fedoraproject 389 Directory Server 1.2.11.23
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Fedoraproject 389 Directory Server 1.2.9.9
Fedoraproject 389 Directory Server 1.2.11.8
Fedoraproject 389 Directory Server 1.2.8.3
Fedoraproject 389 Directory Server 1.2.6
Fedoraproject 389 Directory Server 1.2.10
Fedoraproject 389 Directory Server 1.2.11.13
Fedoraproject 389 Directory Server 1.2.8.2
Fedoraproject 389 Directory Server 1.2.11.22
Fedoraproject 389 Directory Server 1.3.0.8
Fedoraproject 389 Directory Server 1.2.11.21
Fedoraproject 389 Directory Server 1.3.0.4
Fedoraproject 389 Directory Server 1.2.7.5
NA
CVE-2014-0132
The SASL authentication functionality in 389 Directory Server prior to 1.2.11.26 allows remote authenticated users to connect as an arbitrary user and gain privileges via the authzid parameter in a SASL/GSSAPI bind.
Fedoraproject 389 Directory Server 1.2.11.9
Fedoraproject 389 Directory Server 1.2.11.23
Fedoraproject 389 Directory Server 1.2.11.8
Fedoraproject 389 Directory Server 1.2.11.13
Fedoraproject 389 Directory Server
Fedoraproject 389 Directory Server 1.2.11.22
Fedoraproject 389 Directory Server 1.2.11.21
Fedoraproject 389 Directory Server 1.2.11.20
Fedoraproject 389 Directory Server 1.2.11.17
Fedoraproject 389 Directory Server 1.2.11.19
Fedoraproject 389 Directory Server 1.2.11.12
Fedoraproject 389 Directory Server 1.2.11.6
Fedoraproject 389 Directory Server 1.2.11.10
Fedoraproject 389 Directory Server 1.2.11.11
Fedoraproject 389 Directory Server 1.2.11.1
Fedoraproject 389 Directory Server 1.2.11.5
Fedoraproject 389 Directory Server 1.2.11.14
Fedoraproject 389 Directory Server 1.2.11.15
NA
CVE-2013-4485
389 Directory Server 1.2.11.15 (aka Red Hat Directory Server prior to 8.2.11-14) allows remote authenticated users to cause a denial of service (crash) via multiple @ characters in a GER attribute list in a search request.
Redhat Enterprise Linux 6.0
Fedoraproject 389 Directory Server 1.2.11.15
Redhat Directory Server
Redhat Directory Server 8.1
Redhat Directory Server 8.0
Redhat Directory Server 7.1
NA
CVE-2013-0312
389 Directory Server prior to 1.3.0.4 allows remote malicious users to cause a denial of service (crash) via a zero length LDAP control sequence.
Fedoraproject 389 Directory Server
NA
CVE-2012-4450
389 Directory Server 1.2.10 does not properly update the ACL when a DN entry is moved by a modrdn operation, which allows remote authenticated users with certain permissions to bypass ACL restrictions and access the DN entry.
Fedoraproject 389 Directory Server 1.2.10
NA
CVE-2012-0833
The acllas__handle_group_entry function in servers/plugins/acl/acllas.c in 389 Directory Server prior to 1.2.10 does not properly handled access control instructions (ACIs) that use certificate groups, which allows remote authenticated LDAP users with a certificate group to cause...
Fedoraproject 389 Directory Server 1.2.6
Fedoraproject 389 Directory Server 1.2.6.1
Fedoraproject 389 Directory Server 1.2.8
Fedoraproject 389 Directory Server 1.2.7.5
Fedoraproject 389 Directory Server 1.2.1
Fedoraproject 389 Directory Server 1.2.7
Fedoraproject 389 Directory Server 1.2.2
Fedoraproject 389 Directory Server 1.2.5
Fedoraproject 389 Directory Server
Fedoraproject 389 Directory Server 1.2.8.2
Fedoraproject 389 Directory Server 1.2.8.3
Fedoraproject 389 Directory Server 1.2.9.9
Fedoraproject 389 Directory Server 1.2.10
Fedoraproject 389 Directory Server 1.2.3
Fedoraproject 389 Directory Server 1.2.8.1
1 Github repository
NA
CVE-2012-2678
389 Directory Server prior to 1.2.11.6 (aka Red Hat Directory Server prior to 8.2.10-3), after the password for a LDAP user has been changed and before the server has been reset, allows remote malicious users to read the plaintext password via the unhashed#user#password attribute...
Redhat Directory Server 7.1
Redhat Directory Server
Redhat Directory Server 8.1
Redhat Directory Server 8.0
Fedoraproject 389 Directory Server 1.2.6
Fedoraproject 389 Directory Server 1.2.2
Fedoraproject 389 Directory Server 1.2.3
Fedoraproject 389 Directory Server 1.2.8
Fedoraproject 389 Directory Server 1.2.8.1
Fedoraproject 389 Directory Server 1.2.10.1
Fedoraproject 389 Directory Server 1.2.10.2
Fedoraproject 389 Directory Server 1.2.6.1
Fedoraproject 389 Directory Server 1.2.5
Fedoraproject 389 Directory Server 1.2.1
Fedoraproject 389 Directory Server 1.2.10
Fedoraproject 389 Directory Server
Fedoraproject 389 Directory Server 1.2.7
Fedoraproject 389 Directory Server 1.2.8.2
Fedoraproject 389 Directory Server 1.2.10.3
Fedoraproject 389 Directory Server 1.2.10.4
Fedoraproject 389 Directory Server 1.2.7.5
Fedoraproject 389 Directory Server 1.2.8.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »