Vulnerability Details CVE-2014-0132
The SASL authentication functionality in 389 Directory Server before 1.2.11.26 allows remote authenticated users to connect as an arbitrary user and gain privileges via the authzid parameter in a SASL/GSSAPI bind.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 70.1%
CVSS Severity
CVSS v2 Score 6.5
References
- http://rhn.redhat.com/errata/RHSA-2014-0292.html
- http://secunia.com/advisories/57412
- http://secunia.com/advisories/57427
- https://fedorahosted.org/389/changeset/76acff12a86110d4165f94e2cba13ef5c7ebc38a/
- https://fedorahosted.org/389/ticket/47739
- http://rhn.redhat.com/errata/RHSA-2014-0292.html
- http://secunia.com/advisories/57412
- http://secunia.com/advisories/57427
- https://fedorahosted.org/389/changeset/76acff12a86110d4165f94e2cba13ef5c7ebc38a/
- https://fedorahosted.org/389/ticket/47739
Products affected by CVE-2014-0132
-
cpe:2.3:a:fedoraproject:389_directory_server:-
-
cpe:2.3:a:fedoraproject:389_directory_server:1.1.46
-
cpe:2.3:a:fedoraproject:389_directory_server:1.2.1
-
cpe:2.3:a:fedoraproject:389_directory_server:1.2.10
-
cpe:2.3:a:fedoraproject:389_directory_server:1.2.10.11
-
cpe:2.3:a:fedoraproject:389_directory_server:1.2.10.2
-
cpe:2.3:a:fedoraproject:389_directory_server:1.2.10.3
-
cpe:2.3:a:fedoraproject:389_directory_server:1.2.10.4
-
cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.1
-
cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.10
-
cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.11
-
cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.12
-
cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.13
-
cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.14
-
cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.15
-
cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.17
-
cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.19
-
cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.20
-
cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.21
-
cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.22
-
cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.23
-
cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.25
-
cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.5
-
cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.6
-
cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.8
-
cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.9
-
cpe:2.3:a:fedoraproject:389_directory_server:1.2.2
-
cpe:2.3:a:fedoraproject:389_directory_server:1.2.3
-
cpe:2.3:a:fedoraproject:389_directory_server:1.2.5
-
cpe:2.3:a:fedoraproject:389_directory_server:1.2.6
-
cpe:2.3:a:fedoraproject:389_directory_server:1.2.6.1
-
cpe:2.3:a:fedoraproject:389_directory_server:1.2.7
-
cpe:2.3:a:fedoraproject:389_directory_server:1.2.7.1
-
cpe:2.3:a:fedoraproject:389_directory_server:1.2.7.5
-
cpe:2.3:a:fedoraproject:389_directory_server:1.2.8
-
cpe:2.3:a:fedoraproject:389_directory_server:1.2.8.1
-
cpe:2.3:a:fedoraproject:389_directory_server:1.2.8.2
-
cpe:2.3:a:fedoraproject:389_directory_server:1.2.8.3
-
cpe:2.3:a:fedoraproject:389_directory_server:1.2.9.9