AVG-2206 log
Package | 389-ds-base |
Status | Fixed |
Severity | Medium |
Type | multiple issues |
Affected | 2.0.3-2 |
Fixed | 2.0.7-1 |
Current | 3.1.1-2 [extra] |
Ticket | None |
Created | Thu Jul 22 08:22:45 2021 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2021-3652 | Medium | Yes | Authentication bypass | In 389-ds-base before version 2.0.7, it was found that if an asterisk is imported as a password hash, either accidentally or maliciously, then instead of... |
CVE-2021-3514 | Low | Yes | Denial of service | A security issue was found in 389-ds-base before version 2.0.5. When using a sync_repl client, an authenticated attacker can cause a NULL pointer... |
Date | Advisory | Package | Type |
---|---|---|---|
27 Jul 2021 | ASA-202107-72 | 389-ds-base | multiple issues |