CVE-2014-3562

Опубликовано: 07 авг. 2014

Источник: redhat

CVSS2: 7.5

Описание

Red Hat Directory Server 8 and 389 Directory Server, when debugging is enabled, allows remote attackers to obtain sensitive replicated metadata by searching the directory.

It was found that when replication was enabled for each attribute in Red Hat Directory Server / 389 Directory Server, which is the default configuration, the server returned replicated metadata when the directory was searched while debugging was enabled. A remote attacker could use this flaw to disclose potentially sensitive information.

Ссылки на источники

Дополнительная информация

Статус:

Important

Дефект:

CWE-862->CWE-201

https://bugzilla.redhat.com/show_bug.cgi?id=1123477389-ds: unauthenticated information disclosure

7.5 High

CVSS2

Связанные уязвимости

CVE-2014-3562

ubuntu

больше 11 лет назад

Red Hat Directory Server 8 and 389 Directory Server, when debugging is enabled, allows remote attackers to obtain sensitive replicated metadata by searching the directory.

CVE-2014-3562

nvd

больше 11 лет назад

Red Hat Directory Server 8 and 389 Directory Server, when debugging is enabled, allows remote attackers to obtain sensitive replicated metadata by searching the directory.

CVE-2014-3562

debian

больше 11 лет назад

Red Hat Directory Server 8 and 389 Directory Server, when debugging is ...

GHSA-6vvf-j83f-44mh

github

больше 3 лет назад

Red Hat Directory Server 8 and 389 Directory Server, when debugging is enabled, allows remote attackers to obtain sensitive replicated metadata by searching the directory.

ELSA-2014-1031

oracle-oval

больше 11 лет назад

ELSA-2014-1031: 389-ds-base security update (IMPORTANT)

7.5 High

CVSS2