VYPR

389 Directory Server

by Fedoraproject

CVEs (26)

  • CVE-2012-0833Jul 3, 2012
    risk 0.00cvss epss 0.01

    The acllas__handle_group_entry function in servers/plugins/acl/acllas.c in 389 Directory Server before 1.2.10 does not properly handled access control instructions (ACIs) that use certificate groups, which allows remote authenticated LDAP users with a certificate group to cause…

  • CVE-2011-1067Feb 23, 2011
    risk 0.00cvss epss 0.01

    slapd (aka ns-slapd) in 389 Directory Server before 1.2.8.a2 does not properly manage the c_timelimit field of the connection table element, which allows remote attackers to cause a denial of service (daemon outage) via Simple Paged Results connections, as demonstrated by using…

  • CVE-2011-0532Feb 23, 2011
    risk 0.00cvss epss 0.00

    The (1) backup and restore scripts, (2) main initialization script, and (3) ldap-agent script in 389 Directory Server 1.2.x (aka Red Hat Directory Server 8.2.x) place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan…

  • CVE-2011-0022Feb 23, 2011
    risk 0.00cvss epss 0.00

    The setup scripts in 389 Directory Server 1.2.x (aka Red Hat Directory Server 8.2.x), when multiple unprivileged instances are configured, use 0777 permissions for the /var/run/dirsrv directory, which allows local users to cause a denial of service (daemon outage or arbitrary…

  • CVE-2011-0019Feb 23, 2011
    risk 0.00cvss epss 0.01

    slapd (aka ns-slapd) in 389 Directory Server 1.2.7.5 (aka Red Hat Directory Server 8.2.x or dirsrv) does not properly handle simple paged result searches, which allows remote attackers to cause a denial of service (daemon crash) or possibly have unspecified other impact via…

  • CVE-2010-4746Feb 23, 2011
    risk 0.00cvss epss 0.02

    Multiple memory leaks in the normalization functionality in 389 Directory Server before 1.2.7.5 allow remote attackers to cause a denial of service (memory consumption) via "badly behaved applications," related to (1) Slapi_Attr mishandling in the DN normalization code and (2)…

Page 2 of 2