Unrated severityNVD Advisory· Published Mar 18, 2014· Updated May 6, 2026
CVE-2014-0132
CVE-2014-0132
Description
The SASL authentication functionality in 389 Directory Server before 1.2.11.26 allows remote authenticated users to connect as an arbitrary user and gain privileges via the authzid parameter in a SASL/GSSAPI bind.
Affected products
18cpe:2.3:a:fedoraproject:389_directory_server:*:*:*:*:*:*:*:*+ 17 more
- cpe:2.3:a:fedoraproject:389_directory_server:*:*:*:*:*:*:*:*range: <=1.2.11.25
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.1:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.10:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.11:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.12:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.13:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.14:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.15:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.17:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.19:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.20:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.21:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.22:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.23:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.5:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.6:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.8:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.9:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- fedorahosted.org/389/ticket/47739nvdPatch
- fedorahosted.org/389/changeset/76acff12a86110d4165f94e2cba13ef5c7ebc38a/nvdExploit
- secunia.com/advisories/57412nvdVendor Advisory
- secunia.com/advisories/57427nvdVendor Advisory
- rhn.redhat.com/errata/RHSA-2014-0292.htmlnvd
News mentions
0No linked articles in our index yet.