Fedoraproject 389 Directory Server — known CVE vulnerabilities
Every CVE whose affected-product data names Fedoraproject 389 Directory Server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (39)
CVE-2017-7551 — CVSS 9.8 (critical): 389-ds-base version before 1.3.5.19 and 1.3.6.7 are vulnerable to password brute-force attacks during account lockout due to different…
CVE-2017-15135 — CVSS 8.1 (high): It was found that 389-ds-base since 1.3.6.1 up to and including 1.4.0.3 did not always handle internal hash comparison operations correctly…
CVE-2018-1089 — CVSS 7.5 (high): 389-ds-base before versions 1.4.0.9, 1.3.8.1, 1.3.6.15 did not properly handle long search filters with characters needing escapes…
CVE-2018-1054 — CVSS 7.5 (high): An out-of-bounds memory read flaw was found in the way 389-ds-base handled certain LDAP search filters, affecting all versions including…
CVE-2018-14624 — CVSS 7.5 (high): A vulnerability was discovered in 389-ds-base through versions 1.3.7.10, 1.3.8.8 and 1.4.0.16. The lock controlling the error log was not…
CVE-2019-3883 — CVSS 7.5 (high): In 389-ds-base up to version 1.4.1.2, requests are handled by workers threads. Each sockets will be waited by the worker for at most…
CVE-2018-14648 — CVSS 7.5 (high): A flaw was found in 389 Directory Server. A specially crafted search query could lead to excessive CPU consumption in the do_search()…
CVE-2015-1854 — CVSS 7.5 (high): 389 Directory Server before 1.3.3.10 allows attackers to bypass intended access restrictions and modify directory entries via a crafted…
CVE-2019-10171 — CVSS 7.5 (high): It was found that the fix for CVE-2018-14648 in 389-ds-base, versions 1.4.0.x before 1.4.0.17, was incorrectly applied in RHEL 7.5. An…
CVE-2017-15134 — CVSS 7.5 (high): A stack buffer overflow flaw was found in the way 389-ds-base 1.3.6.x before 1.3.6.13, 1.3.7.x before 1.3.7.9, 1.4.x before 1.4.0.5 handled…
CVE-2011-0019 — CVSS 7.5 (high): slapd (aka ns-slapd) in 389 Directory Server 1.2.7.5 (aka Red Hat Directory Server 8.2.x or dirsrv) does not properly handle simple paged…
CVE-2016-0741 — CVSS 7.5 (high): slapd/connection.c in 389 Directory Server (formerly Fedora Directory Server) 1.3.4.x before 1.3.4.7 allows remote attackers to cause a…
CVE-2015-3230 — CVSS 7.5 (high): 389 Directory Server (formerly Fedora Directory Server) before 1.3.3.12 does not enforce the nsSSL3Ciphers preference when creating an…
CVE-2018-14638 — CVSS 7.5 (high): A flaw was found in 389-ds-base before version 1.3.8.4-13. The process ns-slapd crashes in delete_passwdPolicy function when persistent…
CVE-2019-14824 — CVSS 6.5 (medium): A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to display attribute values. In some…
CVE-2017-2668 — CVSS 6.5 (medium): 389-ds-base before versions 1.3.5.17 and 1.3.6.10 is vulnerable to an invalid pointer dereference in the way LDAP bind requests are…
CVE-2014-0132 — CVSS 6.5 (medium): The SASL authentication functionality in 389 Directory Server before 1.2.11.26 allows remote authenticated users to connect as an arbitrary…
CVE-2011-0532 — CVSS 6.2 (medium): The (1) backup and restore scripts, (2) main initialization script, and (3) ldap-agent script in 389 Directory Server 1.2.x (aka Red Hat…
CVE-2012-4450 — CVSS 6.0 (medium): 389 Directory Server 1.2.10 does not properly update the ACL when a DN entry is moved by a modrdn operation, which allows remote…
CVE-2018-10850 — CVSS 5.9 (medium): 389-ds-base before versions 1.4.0.10, 1.3.8.3 is vulnerable to a race condition in the way 389-ds-base handles persistent search, resulting…
CVE-2011-0704 — CVSS 5.9 (medium): 389 Directory Server 1.2.7.5, when built with mozldap, allows remote attackers to cause a denial of service (replica crash) by sending an…
CVE-2014-8105 — CVSS 5.0 (medium): 389 Directory Server before 1.3.2.27 and 1.3.3.x before 1.3.3.9 does not properly restrict access to the "cn=changelog" LDAP sub-tree…
CVE-2014-3562 — CVSS 5.0 (medium): Red Hat Directory Server 8 and 389 Directory Server, when debugging is enabled, allows remote attackers to obtain sensitive replicated…
CVE-2013-4283 — CVSS 5.0 (medium): ns-slapd in 389 Directory Server before 1.3.0.8 allows remote attackers to cause a denial of service (server crash) via a crafted…
CVE-2010-4746 — CVSS 5.0 (medium): Multiple memory leaks in the normalization functionality in 389 Directory Server before 1.2.7.5 allow remote attackers to cause a denial of…
CVE-2013-0312 — CVSS 5.0 (medium): 389 Directory Server before 1.3.0.4 allows remote attackers to cause a denial of service (crash) via a zero length LDAP control sequence.
CVE-2011-1067 — CVSS 5.0 (medium): slapd (aka ns-slapd) in 389 Directory Server before 1.2.8.a2 does not properly manage the c_timelimit field of the connection table…
CVE-2011-0022 — CVSS 4.7 (medium): The setup scripts in 389 Directory Server 1.2.x (aka Red Hat Directory Server 8.2.x), when multiple unprivileged instances are configured…
CVE-2019-10224 — CVSS 4.6 (medium): A flaw has been found in 389-ds-base versions 1.4.x.x before 1.4.1.3. When executed in verbose mode, the dscreate and dsconf commands may…
CVE-2014-8112 — CVSS 4.0 (medium): 389 Directory Server 1.3.1.x, 1.3.2.x before 1.3.2.27, and 1.3.3.x before 1.3.3.9 stores "unhashed" passwords even when the…
CVE-2013-2219 — CVSS 4.0 (medium): The Red Hat Directory Server before 8.2.11-13 and 389 Directory Server do not properly restrict access to entity attributes, which allows…
CVE-2013-4485 — CVSS 4.0 (medium): 389 Directory Server 1.2.11.15 (aka Red Hat Directory Server before 8.2.11-14) allows remote authenticated users to cause a denial of…
CVE-2018-10871 — CVSS 3.8 (low): 389-ds-base before versions 1.3.8.5, 1.4.0.12 is vulnerable to a Cleartext Storage of Sensitive Information. By default, when the Replica…
CVE-2017-2591 — CVSS 3.7 (low): 389-ds-base before version 1.3.6 is vulnerable to an improperly NULL terminated array in the uniqueness_entry_to_config() function in the…
CVE-2010-3282 — CVSS 3.3 (low): 389 Directory Server before 1.2.7.1 (aka Red Hat Directory Server 8.2) and HP-UX Directory Server before B.08.10.03, when audit logging is…
CVE-2013-1897 — CVSS 2.6 (low): The do_search function in ldap/servers/slapd/search.c in 389 Directory Server 1.2.x before 1.2.11.20 and 1.3.x before 1.3.0.5 does not…
CVE-2012-0833 — CVSS 2.3 (low): The acllas__handle_group_entry function in servers/plugins/acl/acllas.c in 389 Directory Server before 1.2.10 does not properly handled…
CVE-2012-2746 — CVSS 2.1 (low): 389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server before 8.2.10-3), when the password of a LDAP user has been changed and…
CVE-2012-2678 — CVSS 1.2 (low): 389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server before 8.2.10-3), after the password for a LDAP user has been changed…