Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject 389 directory server vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2019-10224
A flaw has been found in 389-ds-base versions 1.4.x.x prior to 1.4.1.3. When executed in verbose mode, the dscreate and dsconf commands may display sensitive information, such as the Directory Manager password. An attacker, able to see the screen or record the terminal standard e...
Fedoraproject 389 Directory Server
2.1
CVSSv2
CVE-2012-2746
389 Directory Server prior to 1.2.11.6 (aka Red Hat Directory Server prior to 8.2.10-3), when the password of a LDAP user has been changed and audit logging is enabled, saves the new password to the log in plain text, which allows remote authenticated users to read the password.
Redhat Directory Server
Redhat Directory Server 8.1
Redhat Directory Server 7.1
Redhat Directory Server 8.0
Fedoraproject 389 Directory Server 1.2.5
Fedoraproject 389 Directory Server 1.2.3
Fedoraproject 389 Directory Server 1.2.8
Fedoraproject 389 Directory Server 1.2.9.9
Fedoraproject 389 Directory Server 1.2.8.3
Fedoraproject 389 Directory Server 1.2.6
Fedoraproject 389 Directory Server
Fedoraproject 389 Directory Server 1.2.8.2
Fedoraproject 389 Directory Server 1.2.7.5
Fedoraproject 389 Directory Server 1.2.1
Fedoraproject 389 Directory Server 1.2.2
Fedoraproject 389 Directory Server 1.2.10.1
Fedoraproject 389 Directory Server 1.2.10
Fedoraproject 389 Directory Server 1.2.6.1
Fedoraproject 389 Directory Server 1.2.10.3
Fedoraproject 389 Directory Server 1.2.11.1
Fedoraproject 389 Directory Server 1.2.10.4
Fedoraproject 389 Directory Server 1.2.10.7
1.9
CVSSv2
CVE-2010-3282
389 Directory Server prior to 1.2.7.1 (aka Red Hat Directory Server 8.2) and HP-UX Directory Server before B.08.10.03, when audit logging is enabled, logs the Directory Manager password (nsslapd-rootpw) in cleartext when changing cn=config:nsslapd-rootpw, which might allow local ...
Hp Hp-ux Directory Server
Redhat Redhat Directory Server
Fedoraproject 389 Directory Server
Redhat Directory Server 8.0
1.2
CVSSv2
CVE-2012-2678
389 Directory Server prior to 1.2.11.6 (aka Red Hat Directory Server prior to 8.2.10-3), after the password for a LDAP user has been changed and before the server has been reset, allows remote malicious users to read the plaintext password via the unhashed#user#password attribute...
Redhat Directory Server
Redhat Directory Server 8.1
Redhat Directory Server 7.1
Redhat Directory Server 8.0
Fedoraproject 389 Directory Server 1.2.5
Fedoraproject 389 Directory Server 1.2.3
Fedoraproject 389 Directory Server 1.2.8
Fedoraproject 389 Directory Server 1.2.9.9
Fedoraproject 389 Directory Server 1.2.8.3
Fedoraproject 389 Directory Server 1.2.6
Fedoraproject 389 Directory Server
Fedoraproject 389 Directory Server 1.2.8.2
Fedoraproject 389 Directory Server 1.2.7.5
Fedoraproject 389 Directory Server 1.2.1
Fedoraproject 389 Directory Server 1.2.2
Fedoraproject 389 Directory Server 1.2.10.1
Fedoraproject 389 Directory Server 1.2.10
Fedoraproject 389 Directory Server 1.2.6.1
Fedoraproject 389 Directory Server 1.2.10.3
Fedoraproject 389 Directory Server 1.2.11.1
Fedoraproject 389 Directory Server 1.2.10.4
Fedoraproject 389 Directory Server 1.2.10.7
NA
CVE-2023-1055
A flaw was found in RHDS 11 and RHDS 12. While browsing entries LDAP tries to decode the userPassword attribute instead of the userCertificate attribute which could lead into sensitive information leaked. An attacker with a local account where the cockpit-389-ds is running can li...
Redhat Directory Server 12.0
Redhat Directory Server 12.1
Redhat Directory Server 11.5
Redhat Directory Server 11.6
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Fedoraproject Fedora 38
NA
CVE-2022-2850
A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated malicious user to cause a denial of service. This CVE is assigned aga...
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 8.0
Redhat Directory Server 11.0
Redhat Enterprise Linux 9.0
Redhat Directory Server 12.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Port389 389-ds-base
Debian Debian Linux 10.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3