CVE-2016-5416

Debian Bug report logs - #834233 389-ds-base: CVE-2016-5416: ACI readable by anonymous user Package: src:389-ds-base; Maintainer for src:389-ds-base is Debian FreeIPA Team <pkg-freeipa-devel@alioth-listsdebiannet>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 13 Aug 2016 15:48:01 UTC Severity: i ...

Synopsis Moderate: 389-ds-base security, bug fix, and enhancement update Type/Severity Security Advisory: Moderate Topic An update for 389-ds-base is now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Sc ...

Synopsis Moderate: 389-ds-base security, bug fix, and enhancement update Type/Severity Security Advisory: Moderate Topic An update for 389-ds-base is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Sc ...

CVE-2016-5405 389-ds-base: Password verification vulnerable to timing attackIt was found that 389 Directory Server was vulnerable to a remote password disclosure via timing attack A remote attacker could possibly use this flaw to retrieve directory server password after many tries CVE-2016-5416 389-ds-base: ACI readable by anonymous userIt was fo ...

It was found that 389 Directory Server was vulnerable to a flaw in which the default ACI (Access Control Instructions) could be read by an anonymous user This could lead to leakage of sensitive information ...