AVG-2206 log

Package 389-ds-base
Status Fixed
Severity Medium
Type multiple issues
Affected 2.0.3-2
Fixed 2.0.7-1
Current 2.0.10-3 [extra]
Ticket None
Created Thu Jul 22 08:22:45 2021
Issue Severity Remote Type Description
CVE-2021-3652 Medium Yes Authentication bypass
In 389-ds-base before version 2.0.7, it was found that if an asterisk is imported as a password hash, either accidentally or maliciously, then instead of...
CVE-2021-3514 Low Yes Denial of service
A security issue was found in 389-ds-base before version 2.0.5. When using a sync_repl client, an authenticated attacker can cause a NULL pointer...
Date Advisory Package Type
27 Jul 2021 ASA-202107-72 389-ds-base multiple issues