Published: 01/10/2012 Updated: 08/03/2013

CVSS v2 Base Score: 6 | Impact Score: 6.4 | Exploitability Score: 6.8

VMScore: 534

Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P

389 Directory Server 1.2.10 does not properly update the ACL when a DN entry is moved by a modrdn operation, which allows remote authenticated users with certain permissions to bypass ACL restrictions and access the DN entry.

Vulnerable Product	Search on Vulmon	Subscribe to Product
fedoraproject 389 directory server 1.2.10

Synopsis Moderate: 389-ds-base security, bug fix, and enhancement update Type/Severity Security Advisory: Moderate Topic Updated 389-ds-base packages that fix one security issue, numerous bugs,and add various enhancements are now available for Red Hat EnterpriseLinux 6The Red Hat Security Response Team has ...

Debian Bug report logs - #688942 389-ds-base: CVE-2012-4450 Package: 389-ds-base; Maintainer for 389-ds-base is Debian FreeIPA Team <pkg-freeipa-devel@alioth-listsdebiannet>; Source for 389-ds-base is src:389-ds-base (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@inutilorg> Date: Thu, 27 Sep 2012 07:30 ...

CWE-264 http://www.openwall.com/lists/oss-security/2012/09/26/5 http://secunia.com/advisories/50713 https://fedorahosted.org/389/ticket/340 http://git.fedorahosted.org/cgit/389/ds.git/commit/?id=5beb93d42efb807838c09c5fab898876876f8d09 https://bugzilla.redhat.com/show_bug.cgi?id=860772 http://www.openwall.com/lists/oss-security/2012/09/26/3 http://www.securityfocus.com/bid/55690 http://rhn.redhat.com/errata/RHSA-2013-0503.html https://access.redhat.com/errata/RHSA-2013:0503 https://nvd.nist.gov

CVE-2012-4450

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect