CVE-2013-4283 – 389-ds-base: ns-slapd crash due to bogus DN
https://notcve.org/view.php?id=CVE-2013-4283
ns-slapd in 389 Directory Server before 1.3.0.8 allows remote attackers to cause a denial of service (server crash) via a crafted Distinguished Name (DN) in a MOD operation request. ns-slapd en 389 Directory Server anterior a v1.3.0.8 permite a atacantes remotos provocar una denegación de servicio (caída del servidor) a través de un Distinguished Name (DN) manipulado en una operación de petición MOD. • http://directory.fedoraproject.org/wiki/Releases/1.3.0.8 http://rhn.redhat.com/errata/RHSA-2013-1182.html http://secunia.com/advisories/54586 http://secunia.com/advisories/54650 https://bugzilla.redhat.com/show_bug.cgi?id=999634 https://access.redhat.com/security/cve/CVE-2013-4283 • CWE-20: Improper Input Validation •
CVE-2013-1897 – 389-ds: unintended information exposure when rootdse is enabled
https://notcve.org/view.php?id=CVE-2013-1897
The do_search function in ldap/servers/slapd/search.c in 389 Directory Server 1.2.x before 1.2.11.20 and 1.3.x before 1.3.0.5 does not properly restrict access to entries when the nsslapd-allow-anonymous-access configuration is set to rootdse and the BASE search scope is used, which allows remote attackers to obtain sensitive information outside of the rootDSE via a crafted LDAP search. La función do_search function en ldap/servers/slapd/search.c en 389 Directory Server 1.2.x anteior a 1.2.11.20 y 1.3.x anterior a 1.3.0.5 no restringe el acceso adecuadamente a las entradas cuando la configuración nsslapd-allow-anonymous-access está establecida a rootdse y se emplea el ámbito de búsqueda BASE, lo que permite a atacantes remotos obtener información sensible fuera del rootDSE mediante una búsqueda LDAP manipulada. • http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101323.html http://rhn.redhat.com/errata/RHSA-2013-0742.html https://bugzilla.redhat.com/show_bug.cgi?id=928105 https://fedorahosted.org/389/ticket/47308 https://fedorahosted.org/freeipa/ticket/3540 https://git.fedorahosted.org/cgit/389/ds.git/commit/?h=389-ds-base-1.2.11&id=5a18c828533a670e7143327893f8171a19062286 https://access.redhat.com/security/cve/CVE-2013-1897 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2013-0312 – 389-ds: unauthenticated denial of service vulnerability in handling of LDAPv3 control data
https://notcve.org/view.php?id=CVE-2013-0312
389 Directory Server before 1.3.0.4 allows remote attackers to cause a denial of service (crash) via a zero length LDAP control sequence. 389 Directory Server anterior a v1.3.0.4 permite a atacantes remotos provocar una denegación de servicio (caída) a través de una secuencia de control de longitud cero LDAP. • http://directory.fedoraproject.org/wiki/Releases/1.3.0.4 http://rhn.redhat.com/errata/RHSA-2013-0628.html http://secunia.com/advisories/52279 http://secunia.com/advisories/52568 http://www.securityfocus.com/bid/58428 https://bugzilla.redhat.com/show_bug.cgi?id=912964 https://fedorahosted.org/389/ticket/571 https://access.redhat.com/security/cve/CVE-2013-0312 • CWE-189: Numeric Errors •
CVE-2012-4450 – 389-ds-base: Change on SLAPI_MODRDN_NEWSUPERIOR is not evaluated in ACL (ACL rules bypass possible)
https://notcve.org/view.php?id=CVE-2012-4450
389 Directory Server 1.2.10 does not properly update the ACL when a DN entry is moved by a modrdn operation, which allows remote authenticated users with certain permissions to bypass ACL restrictions and access the DN entry. 389 Directory Server v1.2.10 no actualiza correctamente las ACL cuando una entrada DN es movida por una operación modrdn, lo que permite a usuarios autenticados con ciertos permisos, evitar restricciones ACL y de acceso a entrada DN. • http://git.fedorahosted.org/cgit/389/ds.git/commit/?id=5beb93d42efb807838c09c5fab898876876f8d09 http://rhn.redhat.com/errata/RHSA-2013-0503.html http://secunia.com/advisories/50713 http://www.openwall.com/lists/oss-security/2012/09/26/3 http://www.openwall.com/lists/oss-security/2012/09/26/5 http://www.securityfocus.com/bid/55690 https://bugzilla.redhat.com/show_bug.cgi?id=860772 https://fedorahosted.org/389/ticket/340 https://access.redhat.com/security/cve/CVE-2012-4 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2012-2746 – rhds/389: plaintext password disclosure in audit log
https://notcve.org/view.php?id=CVE-2012-2746
389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server before 8.2.10-3), when the password of a LDAP user has been changed and audit logging is enabled, saves the new password to the log in plain text, which allows remote authenticated users to read the password. "389 Directory Server" antes de v1.2.11.6 (también conocido como Red Hat Directory Server antes de v8.2.10-3), cuando la contraseña de un usuario de LDAP ha cambiado y el registro de auditoría está habilitada, guarda la nueva contraseña para el registro en texto plano, lo que permite leer la contraseña a usuarios remotos autenticados. • http://directory.fedoraproject.org/wiki/Release_Notes http://rhn.redhat.com/errata/RHSA-2012-0997.html http://rhn.redhat.com/errata/RHSA-2012-1041.html http://secunia.com/advisories/49734 http://www.osvdb.org/83329 http://www.securityfocus.com/bid/54153 https://bugzilla.redhat.com/show_bug.cgi?id=833482 https://exchange.xforce.ibmcloud.com/vulnerabilities/76595 https://fedorahosted.org/389/ticket/365 https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=em • CWE-310: Cryptographic Issues •