Product:

389_directory_server

(Redhat)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 7
Date Id Summary Products Score Patch Annotated
2024-02-12 CVE-2024-1062 A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when writing a value larger than 256 chars in log_entry_attr. Fedora, 389_directory_server, Directory_server, Enterprise_linux, Enterprise_linux_eus, Enterprise_linux_for_arm_64_eus, Enterprise_linux_for_ibm_z_systems, Enterprise_linux_for_ibm_z_systems_eus, Enterprise_linux_for_power_little_endian_eus, Enterprise_linux_server_aus, Enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions, Enterprise_linux_server_tus, Enterprise_linux_update_services_for_sap_solutions N/A
2024-07-09 CVE-2024-6237 A flaw was found in the 389 Directory Server. This flaw allows an unauthenticated user to cause a systematic server crash while sending a specific extended search request, leading to a denial of service. 389_directory_server, Directory_server, Enterprise_linux 6.5
2022-03-23 CVE-2022-0996 A vulnerability was found in the 389 Directory Server that allows expired passwords to access the database to cause improper authentication. Fedora, 389_directory_server, Enterprise_linux 6.5
2021-05-28 CVE-2021-3514 When using a sync_repl client in 389-ds-base, an authenticated attacker can cause a NULL pointer dereference using a specially crafted query, causing a crash. 389_directory_server 6.5
2021-03-26 CVE-2020-35518 When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be used by an unauthenticated attacker to check the existence of an entry in the LDAP database. 389_directory_server, Directory_server, Enterprise_linux 5.3
2019-11-05 CVE-2010-2222 The _ger_parse_control function in Red Hat Directory Server 8 and the 389 Directory Server allows attackers to cause a denial of service (NULL pointer dereference) via a crafted search query. 389_directory_server, Directory_server N/A
2018-09-11 CVE-2018-10935 A flaw was found in the 389 Directory Server that allows users to cause a crash in the LDAP server using ldapsearch with server side sort. 389_directory_server N/A