389 Directory Server
Products
2- 23 CVEs
- 6 CVEs
Recent CVEs
29| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-7551 | Cri | 0.64 | 9.8 | 0.01 | Aug 16, 2017 | 389-ds-base version before 1.3.5.19 and 1.3.6.7 are vulnerable to password brute-force attacks during account lockout due to different return codes returned on password attempts. | ||
| CVE-2026-9064 | Hig | 0.49 | 7.5 | 0.01 | May 20, 2026 | A flaw was found in 389-ds-base. The get_ldapmessage_controls_ext() function in the LDAP server does not enforce an upper bound on the number of controls per LDAP message. A remote, unauthenticated attacker can send a specially crafted LDAP request containing hundreds of… | ||
| CVE-2024-3657 | Hig | 0.49 | 7.5 | 0.01 | May 28, 2024 | A flaw was found in 389-ds-base. A specially-crafted LDAP query can potentially cause a failure on the directory server, leading to a denial of service | ||
| CVE-2018-14638 | Hig | 0.49 | 7.5 | 0.03 | Sep 14, 2018 | A flaw was found in 389-ds-base before version 1.3.8.4-13. The process ns-slapd crashes in delete_passwdPolicy function when persistent search connections are terminated unexpectedly leading to remote denial of service. | ||
| CVE-2018-14624 | Hig | 0.49 | 7.5 | 0.02 | Sep 6, 2018 | A vulnerability was discovered in 389-ds-base through versions 1.3.7.10, 1.3.8.8 and 1.4.0.16. The lock controlling the error log was not correctly used when re-opening the log file in log__error_emergency(). An attacker could send a flood of modifications to a very large DN,… | ||
| CVE-2015-1854 | Hig | 0.49 | 7.5 | 0.02 | Sep 19, 2017 | 389 Directory Server before 1.3.3.10 allows attackers to bypass intended access restrictions and modify directory entries via a crafted ldapmodrdn call. | ||
| CVE-2025-14905 | Hig | 0.47 | 7.2 | 0.01 | Feb 23, 2026 | A flaw was found in the 389-ds-base server. A heap buffer overflow vulnerability exists in the `schema_attr_enum_callback` function within the `schema.c` file. This occurs because the code incorrectly calculates the buffer size by summing alias string lengths without accounting… | ||
| CVE-2017-2668 | Med | 0.42 | 6.5 | 0.03 | Jun 22, 2018 | 389-ds-base before versions 1.3.5.17 and 1.3.6.10 is vulnerable to an invalid pointer dereference in the way LDAP bind requests are handled. A remote unauthenticated attacker could use this flaw to make ns-slapd crash via a specially crafted LDAP bind request, resulting in… | ||
| CVE-2018-10850 | Med | 0.38 | 5.9 | 0.02 | Jun 13, 2018 | 389-ds-base before versions 1.4.0.10, 1.3.8.3 is vulnerable to a race condition in the way 389-ds-base handles persistent search, resulting in a crash if the server is under load. An anonymous attacker could use this flaw to trigger a denial of service. | ||
| CVE-2011-0704 | Med | 0.38 | 5.9 | 0.01 | May 4, 2018 | 389 Directory Server 1.2.7.5, when built with mozldap, allows remote attackers to cause a denial of service (replica crash) by sending an empty modify request. | ||
| CVE-2024-5953 | Med | 0.37 | 5.7 | 0.01 | Jun 18, 2024 | A denial of service vulnerability was found in the 389-ds-base LDAP server. This issue may allow an authenticated user to cause a server denial of service while attempting to log in with a user with a malformed hash in their password. | ||
| CVE-2024-2199 | Med | 0.37 | 5.7 | 0.01 | May 28, 2024 | A denial of service vulnerability was found in 389-ds-base ldap server. This issue may allow an authenticated user to cause a server crash while modifying `userPassword` using malformed input. | ||
| CVE-2026-11790 | Med | 0.32 | 4.9 | 0.00 | Jun 9, 2026 | A flaw was found in 389 Directory Server. The PBKDF2-SHA256 password storage plugin does not enforce an upper bound on the iteration count extracted from stored password hashes. A privileged attacker who can modify a user's password hash can cause excessive CPU consumption… | ||
| CVE-2025-2487 | Med | 0.32 | 4.9 | 0.01 | Mar 18, 2025 | A flaw was found in the 389-ds-base LDAP Server. This issue occurs when issuing a Modify DN LDAP operation through the ldap protocol, when the function return value is not tested and a NULL pointer is dereferenced. If a privileged user performs a ldap MODDN operation after a… | ||
| CVE-2018-10871 | Low | 0.25 | 3.8 | 0.01 | Jul 18, 2018 | 389-ds-base before versions 1.3.8.5, 1.4.0.12 is vulnerable to a Cleartext Storage of Sensitive Information. By default, when the Replica and/or retroChangeLog plugins are enabled, 389-ds-base stores passwords in plaintext format in their respective changelog files. An attacker… | ||
| CVE-2022-0918 | 0.01 | — | 0.06 | Mar 16, 2022 | A vulnerability was discovered in the 389 Directory Server that allows an unauthenticated attacker with network access to the LDAP port to cause a denial of service. The denial of service is triggered by a single message sent over a TCP connection, no bind or other… | |||
| CVE-2024-1062 | 0.00 | — | 0.00 | Feb 12, 2024 | A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when writing a value larger than 256 chars in log_entry_attr. | |||
| CVE-2022-2850 | 0.00 | — | 0.01 | Oct 14, 2022 | A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. This CVE is assigned against… | |||
| CVE-2022-1949 | 0.00 | — | 0.01 | Jun 1, 2022 | An access control bypass vulnerability found in 389-ds-base. That mishandling of the filter that would yield incorrect results, but as that has progressed, can be determined that it actually is an access control bypass. This may allow any remote unauthenticated user to issue a… | |||
| CVE-2021-3652 | 0.00 | — | 0.01 | Apr 18, 2022 | A flaw was found in 389-ds-base. If an asterisk is imported as password hashes, either accidentally or maliciously, then instead of being inactive, any password will successfully match during authentication. This flaw allows an attacker to successfully authenticate as a user… |
- risk 0.64cvss 9.8epss 0.01
389-ds-base version before 1.3.5.19 and 1.3.6.7 are vulnerable to password brute-force attacks during account lockout due to different return codes returned on password attempts.
- risk 0.49cvss 7.5epss 0.01
A flaw was found in 389-ds-base. The get_ldapmessage_controls_ext() function in the LDAP server does not enforce an upper bound on the number of controls per LDAP message. A remote, unauthenticated attacker can send a specially crafted LDAP request containing hundreds of…
- risk 0.49cvss 7.5epss 0.01
A flaw was found in 389-ds-base. A specially-crafted LDAP query can potentially cause a failure on the directory server, leading to a denial of service
- risk 0.49cvss 7.5epss 0.03
A flaw was found in 389-ds-base before version 1.3.8.4-13. The process ns-slapd crashes in delete_passwdPolicy function when persistent search connections are terminated unexpectedly leading to remote denial of service.
- risk 0.49cvss 7.5epss 0.02
A vulnerability was discovered in 389-ds-base through versions 1.3.7.10, 1.3.8.8 and 1.4.0.16. The lock controlling the error log was not correctly used when re-opening the log file in log__error_emergency(). An attacker could send a flood of modifications to a very large DN,…
- risk 0.49cvss 7.5epss 0.02
389 Directory Server before 1.3.3.10 allows attackers to bypass intended access restrictions and modify directory entries via a crafted ldapmodrdn call.
- risk 0.47cvss 7.2epss 0.01
A flaw was found in the 389-ds-base server. A heap buffer overflow vulnerability exists in the `schema_attr_enum_callback` function within the `schema.c` file. This occurs because the code incorrectly calculates the buffer size by summing alias string lengths without accounting…
- risk 0.42cvss 6.5epss 0.03
389-ds-base before versions 1.3.5.17 and 1.3.6.10 is vulnerable to an invalid pointer dereference in the way LDAP bind requests are handled. A remote unauthenticated attacker could use this flaw to make ns-slapd crash via a specially crafted LDAP bind request, resulting in…
- risk 0.38cvss 5.9epss 0.02
389-ds-base before versions 1.4.0.10, 1.3.8.3 is vulnerable to a race condition in the way 389-ds-base handles persistent search, resulting in a crash if the server is under load. An anonymous attacker could use this flaw to trigger a denial of service.
- risk 0.38cvss 5.9epss 0.01
389 Directory Server 1.2.7.5, when built with mozldap, allows remote attackers to cause a denial of service (replica crash) by sending an empty modify request.
- risk 0.37cvss 5.7epss 0.01
A denial of service vulnerability was found in the 389-ds-base LDAP server. This issue may allow an authenticated user to cause a server denial of service while attempting to log in with a user with a malformed hash in their password.
- risk 0.37cvss 5.7epss 0.01
A denial of service vulnerability was found in 389-ds-base ldap server. This issue may allow an authenticated user to cause a server crash while modifying `userPassword` using malformed input.
- risk 0.32cvss 4.9epss 0.00
A flaw was found in 389 Directory Server. The PBKDF2-SHA256 password storage plugin does not enforce an upper bound on the iteration count extracted from stored password hashes. A privileged attacker who can modify a user's password hash can cause excessive CPU consumption…
- risk 0.32cvss 4.9epss 0.01
A flaw was found in the 389-ds-base LDAP Server. This issue occurs when issuing a Modify DN LDAP operation through the ldap protocol, when the function return value is not tested and a NULL pointer is dereferenced. If a privileged user performs a ldap MODDN operation after a…
- risk 0.25cvss 3.8epss 0.01
389-ds-base before versions 1.3.8.5, 1.4.0.12 is vulnerable to a Cleartext Storage of Sensitive Information. By default, when the Replica and/or retroChangeLog plugins are enabled, 389-ds-base stores passwords in plaintext format in their respective changelog files. An attacker…
- CVE-2022-0918Mar 16, 2022risk 0.01cvss —epss 0.06
A vulnerability was discovered in the 389 Directory Server that allows an unauthenticated attacker with network access to the LDAP port to cause a denial of service. The denial of service is triggered by a single message sent over a TCP connection, no bind or other…
- CVE-2024-1062Feb 12, 2024risk 0.00cvss —epss 0.00
A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when writing a value larger than 256 chars in log_entry_attr.
- CVE-2022-2850Oct 14, 2022risk 0.00cvss —epss 0.01
A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. This CVE is assigned against…
- CVE-2022-1949Jun 1, 2022risk 0.00cvss —epss 0.01
An access control bypass vulnerability found in 389-ds-base. That mishandling of the filter that would yield incorrect results, but as that has progressed, can be determined that it actually is an access control bypass. This may allow any remote unauthenticated user to issue a…
- CVE-2021-3652Apr 18, 2022risk 0.00cvss —epss 0.01
A flaw was found in 389-ds-base. If an asterisk is imported as password hashes, either accidentally or maliciously, then instead of being inactive, any password will successfully match during authentication. This flaw allows an attacker to successfully authenticate as a user…