Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:redhat:directory_server:7.1:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2013-4485 |
389 Directory Server 1.2.11.15 (aka Red Hat Directory Server before 8.2.11-14) allows remote authenticated users to cause a denial of service (crash) via multiple @ characters in a GER attribute list in a search request. Published: November 23, 2013; 6:55:04 AM -0500 |
V3.x:(not available) V2.0: 4.0 MEDIUM |
CVE-2013-2219 |
The Red Hat Directory Server before 8.2.11-13 and 389 Directory Server do not properly restrict access to entity attributes, which allows remote authenticated users to obtain sensitive information via a search query for the attribute. Published: July 31, 2013; 9:20:25 AM -0400 |
V3.x:(not available) V2.0: 4.0 MEDIUM |
CVE-2012-2746 |
389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server before 8.2.10-3), when the password of a LDAP user has been changed and audit logging is enabled, saves the new password to the log in plain text, which allows remote authenticated users to read the password. Published: July 03, 2012; 12:40:34 PM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2012-2678 |
389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server before 8.2.10-3), after the password for a LDAP user has been changed and before the server has been reset, allows remote attackers to read the plaintext password via the unhashed#user#password attribute. Published: July 03, 2012; 12:40:33 PM -0400 |
V3.x:(not available) V2.0: 1.2 LOW |
CVE-2008-0892 |
The replication monitor CGI script (repl-monitor-cgi.pl) in Red Hat Administration Server, as used by Red Hat Directory Server 8.0 EL4 and EL5, allows remote attackers to execute arbitrary commands. Published: April 16, 2008; 2:05:00 PM -0400 |
V3.x:(not available) V2.0: 9.0 HIGH |