Описание
The Red Hat Directory Server before 8.2.11-13 and 389 Directory Server do not properly restrict access to entity attributes, which allows remote authenticated users to obtain sensitive information via a search query for the attribute.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 7 | 389-ds-base | Not affected | ||
| Red Hat Directory Server 8 for RHEL 5 | redhat-ds-base | Fixed | RHSA-2013:1116 | 30.07.2013 |
| Red Hat Enterprise Linux 6 | 389-ds-base | Fixed | RHSA-2013:1119 | 30.07.2013 |
Показывать по
Дополнительная информация
Статус:
4.3 Medium
CVSS2
Связанные уязвимости
The Red Hat Directory Server before 8.2.11-13 and 389 Directory Server do not properly restrict access to entity attributes, which allows remote authenticated users to obtain sensitive information via a search query for the attribute.
The Red Hat Directory Server before 8.2.11-13 and 389 Directory Server do not properly restrict access to entity attributes, which allows remote authenticated users to obtain sensitive information via a search query for the attribute.
The Red Hat Directory Server before 8.2.11-13 and 389 Directory Server ...
The Red Hat Directory Server before 8.2.11-13 and 389 Directory Server do not properly restrict access to entity attributes, which allows remote authenticated users to obtain sensitive information via a search query for the attribute.
ELSA-2013-1119: 389-ds-base security and bug fix update (MODERATE)
4.3 Medium
CVSS2