CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3230
https://notcve.org/view.php?id=CVE-2015-3230
389 Directory Server (formerly Fedora Directory Server) before 1.3.3.12 does not enforce the nsSSL3Ciphers preference when creating an sslSocket, which allows remote attackers to have unspecified impact by requesting to use a disabled cipher. 389 Directory Server (anteriormente Fedora Directory Server) en versiones anteriores a 1.3.3.12 no hace cumplir la preferencia nsSSL3Ciphers cuando crean un sslSocket, lo que permite a atacantes remotos tener un impacto no especificado mediante la petición de utilizar un cifrado deshabilitado. • http://directory.fedoraproject.org/docs/389ds/releases/release-1-3-3-12.html http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168985.html https://bugzilla.redhat.com/show_bug.cgi?id=1230996 https://fedorahosted.org/389/ticket/48194 • CWE-254: 7PK - Security Features •
CVSS: 4.0EPSS: 0%CPEs: 44EXPL: 0CVE-2014-8112 – 389-ds-base: password hashing bypassed when "nsslapd-unhashed-pw-switch" is set to off
https://notcve.org/view.php?id=CVE-2014-8112
389 Directory Server 1.3.1.x, 1.3.2.x before 1.3.2.27, and 1.3.3.x before 1.3.3.9 stores "unhashed" passwords even when the nsslapd-unhashed-pw-switch option is set to off, which allows remote authenticated users to obtain sensitive information by reading the Changelog. 389 Directory Server 1.3.1.x, 1.3.2.x anterior a 1.3.2.27, y 1.3.3.x anterior a 1.3.3.9 almacena contraseñas sin estar en hash incluso cuando la opción nsslapd-unhashed-pw-switch está configurado como apagado (off), lo que permite a usuarios remotosw autenticados obtener información sensible mediante la lectura del registro de cambios (Changelog). It was found that when the nsslapd-unhashed-pw-switch 389 Directory Server configuration option was set to "off", it did not prevent the writing of unhashed passwords into the Changelog. This could potentially allow an authenticated user able to access the Changelog to read sensitive information. • http://directory.fedoraproject.org/docs/389ds/releases/release-1-3-2-27.html http://directory.fedoraproject.org/docs/389ds/releases/release-1-3-3-9.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153991.html http://rhn.redhat.com/errata/RHSA-2015-0416.html https://bugzilla.redhat.com/show_bug.cgi?id=1172729 https://access.redhat.com/security/cve/CVE-2014-8112 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-522: Insufficiently Protected Credentials •
CVSS: 5.8EPSS: 0%CPEs: 7EXPL: 0CVE-2014-8105 – 389-ds-base: information disclosure through 'cn=changelog' subtree
https://notcve.org/view.php?id=CVE-2014-8105
389 Directory Server before 1.3.2.27 and 1.3.3.x before 1.3.3.9 does not properly restrict access to the "cn=changelog" LDAP sub-tree, which allows remote attackers to obtain sensitive information from the changelog via unspecified vectors. 389 Directory Server anterior a 1.3.2.27 y 1.3.3.x anterior a 1.3.3.9 no restringe correctamente acceso al subárbol LDAP 'cn=changelog', lo que permite a atacantes remotos obtener información sensible del registro de cambios (changelog) a través de vectores no especificados. An information disclosure flaw was found in the way the 389 Directory Server stored information in the Changelog that is exposed via the 'cn=changelog' LDAP sub-tree. An unauthenticated user could in certain cases use this flaw to read data from the Changelog, which could include sensitive information such as plain-text passwords. • http://directory.fedoraproject.org/docs/389ds/releases/release-1-3-2-27.html http://directory.fedoraproject.org/docs/389ds/releases/release-1-3-3-9.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153991.html http://rhn.redhat.com/errata/RHSA-2015-0416.html http://rhn.redhat.com/errata/RHSA-2015-0628.html https://access.redhat.com/security/cve/CVE-2014-8105 https://bugzilla.redhat.com/show_bug.cgi?id=1167858 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 65EXPL: 0CVE-2014-3562 – 389-ds: unauthenticated information disclosure
https://notcve.org/view.php?id=CVE-2014-3562
Red Hat Directory Server 8 and 389 Directory Server, when debugging is enabled, allows remote attackers to obtain sensitive replicated metadata by searching the directory. Red Hat Directory Server 8 y 389 Directory Server, cuando depuración está habilitada, permite a atacantes remotos obtener metadatos replicados sensibles mediante la búsqueda del directorio. It was found that when replication was enabled for each attribute in Red Hat Directory Server / 389 Directory Server, which is the default configuration, the server returned replicated metadata when the directory was searched while debugging was enabled. A remote attacker could use this flaw to disclose potentially sensitive information. • http://rhn.redhat.com/errata/RHSA-2014-1031.html http://rhn.redhat.com/errata/RHSA-2014-1032.html https://bugzilla.redhat.com/show_bug.cgi?id=1123477 https://access.redhat.com/security/cve/CVE-2014-3562 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-201: Insertion of Sensitive Information Into Sent Data •
CVSS: 6.5EPSS: 0%CPEs: 18EXPL: 1CVE-2014-0132 – 389-ds: flaw in parsing authzid can lead to privilege escalation
https://notcve.org/view.php?id=CVE-2014-0132
The SASL authentication functionality in 389 Directory Server before 1.2.11.26 allows remote authenticated users to connect as an arbitrary user and gain privileges via the authzid parameter in a SASL/GSSAPI bind. La funcionalidad de autenticación SASL en 389 Directory Server anterior a 1.2.11.26 permite a usuarios remotos autenticados conectar como un usuario arbitrario y ganar privilegios a través del parámetro authzid en un SASL/GSSAPI bind. • http://rhn.redhat.com/errata/RHSA-2014-0292.html http://secunia.com/advisories/57412 http://secunia.com/advisories/57427 https://fedorahosted.org/389/changeset/76acff12a86110d4165f94e2cba13ef5c7ebc38a https://fedorahosted.org/389/ticket/47739 https://access.redhat.com/security/cve/CVE-2014-0132 https://bugzilla.redhat.com/show_bug.cgi?id=1074845 • CWE-287: Improper Authentication CWE-290: Authentication Bypass by Spoofing •