Port389 389-Ds-Base vulnerabilities

CVE-2013-0336 [MEDIUM] CVE-2013-0336: The ipapwd_chpwop function in daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop The ipapwd_chpwop function in daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c in the directory server (dirsrv) in FreeIPA before 3.2.0 allows remote attackers to cause a denial of service (crash) via a connection request without a username/dn, related to the 389 directory server.

CVE-2014-3562 [MEDIUM] CVE-2014-3562: Red Hat Directory Server 8 and 389 Directory Server, when debugging is enabled, allows remote attackers to obtain sensitive replicated metadata by sea Red Hat Directory Server 8 and 389 Directory Server, when debugging is enabled, allows remote attackers to obtain sensitive replicated metadata by searching the directory.

CVE-2014-0132 [MEDIUM] CVE-2014-0132: The SASL authentication functionality in 389 Directory Server before 1 The SASL authentication functionality in 389 Directory Server before 1.2.11.26 allows remote authenticated users to connect as an arbitrary user and gain privileges via the authzid parameter in a SASL/GSSAPI bind.

CVE-2013-4485 [MEDIUM] CVE-2013-4485: 389 Directory Server 1 389 Directory Server 1.2.11.15 (aka Red Hat Directory Server before 8.2.11-14) allows remote authenticated users to cause a denial of service (crash) via multiple @ characters in a GER attribute list in a search request.

CVE-2013-4283 [MEDIUM] CVE-2013-4283: ns-slapd in 389 Directory Server before 1 ns-slapd in 389 Directory Server before 1.3.0.8 allows remote attackers to cause a denial of service (server crash) via a crafted Distinguished Name (DN) in a MOD operation request.

CVE-2013-2219 [MEDIUM] CVE-2013-2219: The Red Hat Directory Server before 8 The Red Hat Directory Server before 8.2.11-13 and 389 Directory Server do not properly restrict access to entity attributes, which allows remote authenticated users to obtain sensitive information via a search query for the attribute.

CVE-2013-1897 [LOW] CVE-2013-1897: The do_search function in ldap/servers/slapd/search The do_search function in ldap/servers/slapd/search.c in 389 Directory Server 1.2.x before 1.2.11.20 and 1.3.x before 1.3.0.5 does not properly restrict access to entries when the nsslapd-allow-anonymous-access configuration is set to rootdse and the BASE search scope is used, which allows remote attackers to obtain sensitive information outside of the rootDSE via a crafted LDAP search.

CVE-2013-0312 [MEDIUM] CVE-2013-0312: 389 Directory Server before 1 389 Directory Server before 1.3.0.4 allows remote attackers to cause a denial of service (crash) via a zero length LDAP control sequence.

CVE-2012-4450 [MEDIUM] CVE-2012-4450: 389 Directory Server 1 389 Directory Server 1.2.10 does not properly update the ACL when a DN entry is moved by a modrdn operation, which allows remote authenticated users with certain permissions to bypass ACL restrictions and access the DN entry.

CVE-2012-2746 [LOW] CVE-2012-2746: 389 Directory Server before 1 389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server before 8.2.10-3), when the password of a LDAP user has been changed and audit logging is enabled, saves the new password to the log in plain text, which allows remote authenticated users to read the password.

CVE-2012-2678 [LOW] CVE-2012-2678: 389 Directory Server before 1 389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server before 8.2.10-3), after the password for a LDAP user has been changed and before the server has been reset, allows remote attackers to read the plaintext password via the unhashed#user#password attribute.