CVE-2014-8105 – 389-ds-base: information disclosure through 'cn=changelog' subtree
https://notcve.org/view.php?id=CVE-2014-8105
389 Directory Server before 1.3.2.27 and 1.3.3.x before 1.3.3.9 does not properly restrict access to the "cn=changelog" LDAP sub-tree, which allows remote attackers to obtain sensitive information from the changelog via unspecified vectors. 389 Directory Server anterior a 1.3.2.27 y 1.3.3.x anterior a 1.3.3.9 no restringe correctamente acceso al subárbol LDAP 'cn=changelog', lo que permite a atacantes remotos obtener información sensible del registro de cambios (changelog) a través de vectores no especificados. An information disclosure flaw was found in the way the 389 Directory Server stored information in the Changelog that is exposed via the 'cn=changelog' LDAP sub-tree. An unauthenticated user could in certain cases use this flaw to read data from the Changelog, which could include sensitive information such as plain-text passwords. • http://directory.fedoraproject.org/docs/389ds/releases/release-1-3-2-27.html http://directory.fedoraproject.org/docs/389ds/releases/release-1-3-3-9.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153991.html http://rhn.redhat.com/errata/RHSA-2015-0416.html http://rhn.redhat.com/errata/RHSA-2015-0628.html https://access.redhat.com/security/cve/CVE-2014-8105 https://bugzilla.redhat.com/show_bug.cgi?id=1167858 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2014-3562 – 389-ds: unauthenticated information disclosure
https://notcve.org/view.php?id=CVE-2014-3562
Red Hat Directory Server 8 and 389 Directory Server, when debugging is enabled, allows remote attackers to obtain sensitive replicated metadata by searching the directory. Red Hat Directory Server 8 y 389 Directory Server, cuando depuración está habilitada, permite a atacantes remotos obtener metadatos replicados sensibles mediante la búsqueda del directorio. It was found that when replication was enabled for each attribute in Red Hat Directory Server / 389 Directory Server, which is the default configuration, the server returned replicated metadata when the directory was searched while debugging was enabled. A remote attacker could use this flaw to disclose potentially sensitive information. • http://rhn.redhat.com/errata/RHSA-2014-1031.html http://rhn.redhat.com/errata/RHSA-2014-1032.html https://bugzilla.redhat.com/show_bug.cgi?id=1123477 https://access.redhat.com/security/cve/CVE-2014-3562 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-201: Insertion of Sensitive Information Into Sent Data •
CVE-2014-0132 – 389-ds: flaw in parsing authzid can lead to privilege escalation
https://notcve.org/view.php?id=CVE-2014-0132
The SASL authentication functionality in 389 Directory Server before 1.2.11.26 allows remote authenticated users to connect as an arbitrary user and gain privileges via the authzid parameter in a SASL/GSSAPI bind. La funcionalidad de autenticación SASL en 389 Directory Server anterior a 1.2.11.26 permite a usuarios remotos autenticados conectar como un usuario arbitrario y ganar privilegios a través del parámetro authzid en un SASL/GSSAPI bind. • http://rhn.redhat.com/errata/RHSA-2014-0292.html http://secunia.com/advisories/57412 http://secunia.com/advisories/57427 https://fedorahosted.org/389/changeset/76acff12a86110d4165f94e2cba13ef5c7ebc38a https://fedorahosted.org/389/ticket/47739 https://access.redhat.com/security/cve/CVE-2014-0132 https://bugzilla.redhat.com/show_bug.cgi?id=1074845 • CWE-287: Improper Authentication CWE-290: Authentication Bypass by Spoofing •
CVE-2013-4485 – 389-ds-base: DoS due to improper handling of ger attr searches
https://notcve.org/view.php?id=CVE-2013-4485
389 Directory Server 1.2.11.15 (aka Red Hat Directory Server before 8.2.11-14) allows remote authenticated users to cause a denial of service (crash) via multiple @ characters in a GER attribute list in a search request. 389 Directory Server 1.2.11.15 (también conocido como Red Hat Directory Server anterior a la versión 8.2.11-14) permite a usuarios remotos autenticados provocar una denegación de servicio (caída) a través de múltiples caracteres @ en una lista de atributo GER de una petición de búsqueda. • http://rhn.redhat.com/errata/RHSA-2013-1752.html http://rhn.redhat.com/errata/RHSA-2013-1753.html http://secunia.com/advisories/55765 https://access.redhat.com/security/cve/CVE-2013-4485 https://bugzilla.redhat.com/show_bug.cgi?id=1024552 • CWE-20: Improper Input Validation •
CVE-2013-4283 – 389-ds-base: ns-slapd crash due to bogus DN
https://notcve.org/view.php?id=CVE-2013-4283
ns-slapd in 389 Directory Server before 1.3.0.8 allows remote attackers to cause a denial of service (server crash) via a crafted Distinguished Name (DN) in a MOD operation request. ns-slapd en 389 Directory Server anterior a v1.3.0.8 permite a atacantes remotos provocar una denegación de servicio (caída del servidor) a través de un Distinguished Name (DN) manipulado en una operación de petición MOD. • http://directory.fedoraproject.org/wiki/Releases/1.3.0.8 http://rhn.redhat.com/errata/RHSA-2013-1182.html http://secunia.com/advisories/54586 http://secunia.com/advisories/54650 https://bugzilla.redhat.com/show_bug.cgi?id=999634 https://access.redhat.com/security/cve/CVE-2013-4283 • CWE-20: Improper Input Validation •