Access Control Vulnerability in 389 Directory Server by Red Hat
CVE-2013-1897

Currently unrated

Key Information:

Vendor

Fedoraproject

Status
389 Directory Server
Vendor
CVE Published:
13 May 2013

What is CVE-2013-1897?

The do_search function within the 389 Directory Server could allow remote attackers to gain unauthorized access to sensitive information. This occurs due to insufficient access restrictions when the nsslapd-allow-anonymous-access setting is configured to grant access to the rootDSE. When the BASE search scope is utilized, attackers can exploit this flaw via a crafted LDAP search, potentially exposing critical data that should have remained protected.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://lists.fedoraproject.org/pipermail/package-announce...
vendor-advisoryx_refsource_FEDORA
https://git.fedorahosted.org/cgit/389/ds.git/commit/?h=38...
x_refsource_CONFIRM
https://bugzilla.redhat.com/show_bug.cgi?id=928105
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.