Количество 12
Количество 12
ELSA-2015-0416
ELSA-2015-0416: 389-ds-base security, bug fix, and enhancement update (IMPORTANT)
CVE-2014-8112
389 Directory Server 1.3.1.x, 1.3.2.x before 1.3.2.27, and 1.3.3.x before 1.3.3.9 stores "unhashed" passwords even when the nsslapd-unhashed-pw-switch option is set to off, which allows remote authenticated users to obtain sensitive information by reading the Changelog.
CVE-2014-8112
389 Directory Server 1.3.1.x, 1.3.2.x before 1.3.2.27, and 1.3.3.x before 1.3.3.9 stores "unhashed" passwords even when the nsslapd-unhashed-pw-switch option is set to off, which allows remote authenticated users to obtain sensitive information by reading the Changelog.
CVE-2014-8112
389 Directory Server 1.3.1.x, 1.3.2.x before 1.3.2.27, and 1.3.3.x before 1.3.3.9 stores "unhashed" passwords even when the nsslapd-unhashed-pw-switch option is set to off, which allows remote authenticated users to obtain sensitive information by reading the Changelog.
CVE-2014-8112
389 Directory Server 1.3.1.x, 1.3.2.x before 1.3.2.27, and 1.3.3.x bef ...
CVE-2014-8105
389 Directory Server before 1.3.2.27 and 1.3.3.x before 1.3.3.9 does not properly restrict access to the "cn=changelog" LDAP sub-tree, which allows remote attackers to obtain sensitive information from the changelog via unspecified vectors.
CVE-2014-8105
389 Directory Server before 1.3.2.27 and 1.3.3.x before 1.3.3.9 does not properly restrict access to the "cn=changelog" LDAP sub-tree, which allows remote attackers to obtain sensitive information from the changelog via unspecified vectors.
CVE-2014-8105
389 Directory Server before 1.3.2.27 and 1.3.3.x before 1.3.3.9 does not properly restrict access to the "cn=changelog" LDAP sub-tree, which allows remote attackers to obtain sensitive information from the changelog via unspecified vectors.
CVE-2014-8105
389 Directory Server before 1.3.2.27 and 1.3.3.x before 1.3.3.9 does n ...
GHSA-jpqj-372q-hwmp
389 Directory Server 1.3.1.x, 1.3.2.x before 1.3.2.27, and 1.3.3.x before 1.3.3.9 stores "unhashed" passwords even when the nsslapd-unhashed-pw-switch option is set to off, which allows remote authenticated users to obtain sensitive information by reading the Changelog.
GHSA-vgvq-9gqr-48c9
389 Directory Server before 1.3.2.27 and 1.3.3.x before 1.3.3.9 does not properly restrict access to the "cn=changelog" LDAP sub-tree, which allows remote attackers to obtain sensitive information from the changelog via unspecified vectors.
ELSA-2015-0628
ELSA-2015-0628: 389-ds-base security, bug fix, and enhancement update (IMPORTANT)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| ELSA-2015-0416 ELSA-2015-0416: 389-ds-base security, bug fix, and enhancement update (IMPORTANT) | больше 10 лет назад | ||
 | CVE-2014-8112 389 Directory Server 1.3.1.x, 1.3.2.x before 1.3.2.27, and 1.3.3.x before 1.3.3.9 stores "unhashed" passwords even when the nsslapd-unhashed-pw-switch option is set to off, which allows remote authenticated users to obtain sensitive information by reading the Changelog. | CVSS2: 4 | 0% Низкий | больше 10 лет назад |
 | CVE-2014-8112 389 Directory Server 1.3.1.x, 1.3.2.x before 1.3.2.27, and 1.3.3.x before 1.3.3.9 stores "unhashed" passwords even when the nsslapd-unhashed-pw-switch option is set to off, which allows remote authenticated users to obtain sensitive information by reading the Changelog. | CVSS2: 1.4 | 0% Низкий | больше 10 лет назад |
 | CVE-2014-8112 389 Directory Server 1.3.1.x, 1.3.2.x before 1.3.2.27, and 1.3.3.x before 1.3.3.9 stores "unhashed" passwords even when the nsslapd-unhashed-pw-switch option is set to off, which allows remote authenticated users to obtain sensitive information by reading the Changelog. | CVSS2: 4 | 0% Низкий | больше 10 лет назад |
| CVE-2014-8112 389 Directory Server 1.3.1.x, 1.3.2.x before 1.3.2.27, and 1.3.3.x bef ... | CVSS2: 4 | 0% Низкий | больше 10 лет назад |
| CVE-2014-8105 389 Directory Server before 1.3.2.27 and 1.3.3.x before 1.3.3.9 does not properly restrict access to the "cn=changelog" LDAP sub-tree, which allows remote attackers to obtain sensitive information from the changelog via unspecified vectors. | CVSS2: 5 | 0% Низкий | больше 10 лет назад |
| CVE-2014-8105 389 Directory Server before 1.3.2.27 and 1.3.3.x before 1.3.3.9 does not properly restrict access to the "cn=changelog" LDAP sub-tree, which allows remote attackers to obtain sensitive information from the changelog via unspecified vectors. | CVSS2: 5.8 | 0% Низкий | больше 10 лет назад |
| CVE-2014-8105 389 Directory Server before 1.3.2.27 and 1.3.3.x before 1.3.3.9 does not properly restrict access to the "cn=changelog" LDAP sub-tree, which allows remote attackers to obtain sensitive information from the changelog via unspecified vectors. | CVSS2: 5 | 0% Низкий | больше 10 лет назад |
| CVE-2014-8105 389 Directory Server before 1.3.2.27 and 1.3.3.x before 1.3.3.9 does n ... | CVSS2: 5 | 0% Низкий | больше 10 лет назад |
| GHSA-jpqj-372q-hwmp 389 Directory Server 1.3.1.x, 1.3.2.x before 1.3.2.27, and 1.3.3.x before 1.3.3.9 stores "unhashed" passwords even when the nsslapd-unhashed-pw-switch option is set to off, which allows remote authenticated users to obtain sensitive information by reading the Changelog. | 0% Низкий | больше 3 лет назад | |
| GHSA-vgvq-9gqr-48c9 389 Directory Server before 1.3.2.27 and 1.3.3.x before 1.3.3.9 does not properly restrict access to the "cn=changelog" LDAP sub-tree, which allows remote attackers to obtain sensitive information from the changelog via unspecified vectors. | 0% Низкий | больше 3 лет назад | |
| ELSA-2015-0628 ELSA-2015-0628: 389-ds-base security, bug fix, and enhancement update (IMPORTANT) | больше 10 лет назад |
Уязвимостей на страницу