Port389 389-ds-base (389 Directory Server) 1.4.0

CPE Details

Port389 389-ds-base (389 Directory Server) 1.4.0
port389
389-ds-base
1.4.0
2023-01-09
18h15 +00:00
2024-12-13
17h47 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:port389:389-ds-base:1.4.0:*:*:*:*:*:*:*

Informations

Vendor

port389

Product

389-ds-base

Version

1.4.0

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2021-3652 2022-04-17 22h00 +00:00 A flaw was found in 389-ds-base. If an asterisk is imported as password hashes, either accidentally or maliciously, then instead of being inactive, any password will successfully match during authentication. This flaw allows an attacker to successfully authenticate as a user whose password was disabled.
6.5
Moyen
CVE-2022-0918 2022-03-16 14h04 +00:00 A vulnerability was discovered in the 389 Directory Server that allows an unauthenticated attacker with network access to the LDAP port to cause a denial of service. The denial of service is triggered by a single message sent over a TCP connection, no bind or other authentication is required. The message triggers a segmentation fault that results in slapd crashing.
7.5
Haute