Red Hat Security Advisory 2016-2765-01 - 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Security Fix: It was found that 389 Directory Server was vulnerable to a flaw in which the default ACI could be read by an anonymous user. This could lead to leakage of sensitive information. An information disclosure flaw was found in 389 Directory Server. A user with no access to objects in certain LDAP sub-tree could send LDAP ADD operations with a specific object name. The error message returned to the user was different based on whether the target object existed or not.
a23f2adc4f9c7000e2a14bf0039f624d18c36c133617746781bb9f35d92b15dcRed Hat Security Advisory 2016-2594-02 - 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. The following packages have been upgraded to a newer upstream version: 389-ds-base. Security Fix: It was found that 389 Directory Server was vulnerable to a flaw in which the default ACI could be read by an anonymous user. This could lead to leakage of sensitive information.
3d0e10e7baa1064356ace51447bb911d82632d542ca3fc87ae68a14d67977807
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed