Redhat

389 Directory Server

21 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.31%
  • Veröffentlicht 07.07.2026 13:54:20
  • Zuletzt bearbeitet 08.07.2026 15:24:06

A heap-buffer-overflow flaw was found in 389 Directory Server (389-ds-base). When normalizing a Distinguished Name (DN) that contains a legacy-quoted value encoding a multivalued nested Relative Distinguished Name (RDN), the server can write past the...

  • EPSS 0.21%
  • Veröffentlicht 18.06.2026 14:44:32
  • Zuletzt bearbeitet 30.06.2026 11:16:28

A flaw was found in 389 Directory Server. During schema reload, the attr_syntax_swap_ht() function unconditionally frees attribute syntax information nodes, bypassing the refcount-based deferred deletion used elsewhere in the attribute syntax subsyst...

  • EPSS 0.23%
  • Veröffentlicht 17.06.2026 14:27:27
  • Zuletzt bearbeitet 28.06.2026 00:22:17

A flaw was found in 389 Directory Server in the __aclp__normalize_acltxt() function of aclparse.c. A malformed ACI (Access Control Instruction) string can trigger heap-buffer-overflow writes and reads during ACI parsing. The function fails to validat...

  • EPSS 0.28%
  • Veröffentlicht 09.06.2026 13:11:40
  • Zuletzt bearbeitet 30.06.2026 11:16:28

A stack buffer overflow flaw was found in 389 Directory Server. The checkPrefix() function in pw.c copies an attacker-controlled algorithm ID into a 256-byte stack buffer without bounds checking when parsing reversible-encrypted attribute values. An ...

  • EPSS 0.29%
  • Veröffentlicht 09.06.2026 13:09:29
  • Zuletzt bearbeitet 30.06.2026 14:16:25

A flaw was found in 389 Directory Server. The PBKDF2-SHA256 password storage plugin does not enforce an upper bound on the iteration count extracted from stored password hashes. A privileged attacker who can modify a user's password hash can cause ex...

  • EPSS 0.28%
  • Veröffentlicht 09.06.2026 13:02:59
  • Zuletzt bearbeitet 30.06.2026 14:16:25

A flaw was found in 389 Directory Server. The SMD5 password storage plugin performs unsigned integer underflow when computing salt length from a crafted password hash shorter than 16 bytes, causing a buffer over-read that crashes the LDAP server duri...

  • EPSS 0.35%
  • Veröffentlicht 09.06.2026 13:02:53
  • Zuletzt bearbeitet 30.06.2026 09:16:24

A flaw was found in 389 Directory Server. The dereference control plugin does not check for allocation failure before using a BER structure, allowing an unauthenticated remote attacker to crash the LDAP server when the system is under memory pressure...

  • EPSS 0.18%
  • Veröffentlicht 09.06.2026 13:02:53
  • Zuletzt bearbeitet 30.06.2026 09:16:24

A flaw was found in 389 Directory Server. The ldap_utf8prev() function reads bytes before the start of a buffer without bounds checking, causing a heap buffer over-read in string filter parsing that may influence internal filter processing behavior.

  • EPSS 0.16%
  • Veröffentlicht 09.06.2026 12:57:59
  • Zuletzt bearbeitet 30.06.2026 09:16:23

A flaw was found in 389 Directory Server. The LDIF parser reads past the end of a heap buffer when processing attribute types with trailing semicolons during database import, causing an out-of-bounds read detectable under memory instrumentation.

  • EPSS 0.18%
  • Veröffentlicht 09.06.2026 12:57:59
  • Zuletzt bearbeitet 30.06.2026 09:16:23

A flaw was found in 389 Directory Server. A type confusion in the SSO token extended operation handler causes partial stack address information to be disclosed in LDAP responses to authenticated users.