Redhat: >> 389 Directory Server >> 1.2.10.0 Security Vulnerabilities
A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when writing a value larger than 256 chars in log_entry_attr.
CVSS Score
5.5
EPSS Score
0.0
Published
2024-02-12
When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be used by an unauthenticated attacker to check the existence of an entry in the LDAP database.
CVSS Score
5.3
EPSS Score
0.012
Published
2021-03-26