Redhat

Directory Server

41 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.24%
  • Veröffentlicht 08.06.2026 16:17:59
  • Zuletzt bearbeitet 30.06.2026 09:16:23

A flaw was found in 389 Directory Server. The Content Synchronization persistent search plugin allows unbounded memory growth when an authenticated client stops reading sync responses, enabling denial of service. Additional race conditions in plugin ...

  • EPSS 0.82%
  • Veröffentlicht 20.05.2026 09:00:42
  • Zuletzt bearbeitet 30.06.2026 03:21:45

A flaw was found in 389-ds-base. The get_ldapmessage_controls_ext() function in the LDAP server does not enforce an upper bound on the number of controls per LDAP message. A remote, unauthenticated attacker can send a specially crafted LDAP request c...

  • EPSS 1.04%
  • Veröffentlicht 23.02.2026 15:41:47
  • Zuletzt bearbeitet 30.06.2026 00:16:54

A flaw was found in the 389-ds-base server. A heap buffer overflow vulnerability exists in the `schema_attr_enum_callback` function within the `schema.c` file. This occurs because the code incorrectly calculates the buffer size by summing alias strin...

  • EPSS 0.45%
  • Veröffentlicht 08.04.2025 18:24:22
  • Zuletzt bearbeitet 30.06.2026 07:16:31

A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the in...

  • EPSS 0.55%
  • Veröffentlicht 18.03.2025 16:25:43
  • Zuletzt bearbeitet 30.06.2026 01:16:24

A flaw was found in the 389-ds-base LDAP Server. This issue occurs when issuing a Modify DN LDAP operation through the ldap protocol, when the function return value is not tested and a NULL pointer is dereferenced. If a privileged user performs a lda...

  • EPSS 0.92%
  • Veröffentlicht 09.07.2024 17:15:48
  • Zuletzt bearbeitet 21.11.2024 09:49:15

A flaw was found in the 389 Directory Server. This flaw allows an unauthenticated user to cause a systematic server crash while sending a specific extended search request, leading to a denial of service.

  • EPSS 0.3%
  • Veröffentlicht 12.02.2024 13:15:09
  • Zuletzt bearbeitet 18.02.2025 11:15:11

A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when writing a value larger than 256 chars in log_entry_attr.

  • EPSS 0.19%
  • Veröffentlicht 27.02.2023 22:15:09
  • Zuletzt bearbeitet 21.11.2024 07:38:22

A flaw was found in RHDS 11 and RHDS 12. While browsing entries LDAP tries to decode the userPassword attribute instead of the userCertificate attribute which could lead into sensitive information leaked. An attacker with a local account where the co...

Exploit
  • EPSS 1.24%
  • Veröffentlicht 14.10.2022 18:15:14
  • Zuletzt bearbeitet 03.11.2025 21:15:52

A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. ...

  • EPSS 1.39%
  • Veröffentlicht 02.06.2022 14:15:34
  • Zuletzt bearbeitet 13.12.2024 18:47:19

An access control bypass vulnerability found in 389-ds-base. That mishandling of the filter that would yield incorrect results, but as that has progressed, can be determined that it actually is an access control bypass. This may allow any remote unau...