When binding against a DN during authentication, 389-ds-base returns a different reply depending on whether the DN exists. An unauthenticated malicious user can use this difference to check whether an entry exists in the LDAP database.
Vulnerable Product |
---|
redhat 389 directory server |
redhat enterprise linux 7.0 |
redhat enterprise linux 8.0 |
redhat directory server 11.0 |