Download
| Alert*
oval:org.secpod.oval:def:106121
389 Directory Server is an LDAPv3 compliant server. The base package includes the LDAP server and command line utilities for server administration. oval:org.secpod.oval:def:1500218 Updated 389-ds-base packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity ra ... oval:org.secpod.oval:def:105930 389 Directory Server is an LDAPv3 compliant server. The base package includes the LDAP server and command line utilities for server administration. oval:org.secpod.oval:def:503457 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Security Fix: * 389-ds-base: Read permission check bypass via the deref plugin For more details about the se ... oval:org.secpod.oval:def:66465 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. The following packages have been upgraded to a later upstream version: 389-ds-base . Security Fix: * 389-ds- ... oval:org.secpod.oval:def:1700293 A flaw was found in the "deref" plugin of 389-ds-base where it could use the "search" permission to display attribute values. In some configurations, this could allow an authenticated attacker to view private attributes, such as password hashes oval:org.secpod.oval:def:501080 The 389 Directory Server is an LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. It was discovered that the 389 Directory Server did not honor defined attribute access controls when evaluating se ... oval:org.secpod.oval:def:1600326 ns-slapd in 389 Directory Server before 1.3.0.8 allows remote attackers to cause a denial of service via a crafted Distinguished Name in a MOD operation request. 389 Directory Server does not properly restrict access to entity attributes, which allows remote authenticated users to obtain sensitive ... oval:org.secpod.oval:def:202916 The 389 Directory Server is an LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. It was discovered that the 389 Directory Server did not honor defined attribute access controls when evaluating se ... oval:org.secpod.oval:def:106550 389 Directory Server is an LDAPv3 compliant server. The base package includes the LDAP server and command line utilities for server administration. |