CVE-2013-1897

The do_search function in ldap/servers/slapd/search.c in 389 Directory Server 1.2.x before 1.2.11.20 and 1.3.x before 1.3.0.5 does not properly restrict access to entries when the nsslapd-allow-anonymous-access configuration is set to rootdse and the BASE search scope is used, which allows remote attackers to obtain sensitive information outside of the rootDSE via a crafted LDAP search.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
2.6 UNKNOWN
NETWORK
HIGH
AV:N/AC:H/Au:N/C:P/I:N/A:N
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 60%
VendorProductVersion
fedoraproject389_directory_server
1.2.1
fedoraproject389_directory_server
1.2.2
fedoraproject389_directory_server
1.2.3
fedoraproject389_directory_server
1.2.5
fedoraproject389_directory_server
1.2.5:rc1
fedoraproject389_directory_server
1.2.5:rc2
fedoraproject389_directory_server
1.2.5:rc3
fedoraproject389_directory_server
1.2.5:rc4
fedoraproject389_directory_server
1.2.6
fedoraproject389_directory_server
1.2.6:a2
fedoraproject389_directory_server
1.2.6:a3
fedoraproject389_directory_server
1.2.6:a4
fedoraproject389_directory_server
1.2.6:rc1
fedoraproject389_directory_server
1.2.6:rc2
fedoraproject389_directory_server
1.2.6:rc3
fedoraproject389_directory_server
1.2.6:rc6
fedoraproject389_directory_server
1.2.6:rc7
fedoraproject389_directory_server
1.2.6.1
fedoraproject389_directory_server
1.2.7:alpha3
fedoraproject389_directory_server
1.2.7.5
fedoraproject389_directory_server
1.2.8:alpha1
fedoraproject389_directory_server
1.2.8:alpha2
fedoraproject389_directory_server
1.2.8:alpha3
fedoraproject389_directory_server
1.2.8:rc1
fedoraproject389_directory_server
1.2.8:rc2
fedoraproject389_directory_server
1.2.8.1
fedoraproject389_directory_server
1.2.8.2
fedoraproject389_directory_server
1.2.8.3
fedoraproject389_directory_server
1.2.9.9
fedoraproject389_directory_server
1.2.10
fedoraproject389_directory_server
1.2.10:alpha8
fedoraproject389_directory_server
1.2.10:rc1
fedoraproject389_directory_server
1.2.10.2
fedoraproject389_directory_server
1.2.10.3
fedoraproject389_directory_server
1.2.10.4
fedoraproject389_directory_server
1.2.10.11
fedoraproject389_directory_server
1.2.11.1
fedoraproject389_directory_server
1.2.11.5
fedoraproject389_directory_server
1.2.11.6
fedoraproject389_directory_server
1.2.11.8
fedoraproject389_directory_server
1.2.11.9
fedoraproject389_directory_server
1.2.11.10
fedoraproject389_directory_server
1.2.11.11
fedoraproject389_directory_server
1.2.11.12
fedoraproject389_directory_server
1.2.11.13
fedoraproject389_directory_server
1.2.11.14
fedoraproject389_directory_server
1.2.11.15
fedoraproject389_directory_server
1.2.11.17
fedoraproject389_directory_server
1.2.11.19
fedoraproject389_directory_server
1.3.0.2
fedoraproject389_directory_server
1.3.0.3
fedoraproject389_directory_server
1.3.0.4
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
389-ds-base
bullseye
1.4.4.11-2
fixed
bookworm
2.3.1+dfsg1-1
fixed
sid
3.1.1+dfsg1-2
fixed
trixie
3.1.1+dfsg1-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
389-ds-base
zesty
not-affected
yakkety
not-affected
xenial
not-affected
wily
not-affected
vivid
not-affected
utopic
not-affected
trusty
dne
saucy
ignored
raring
ignored
quantal
ignored
precise
ignored
oneiric
dne
lucid
dne
hardy
dne
Common Weakness Enumeration
References
http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101323.html
http://rhn.redhat.com/errata/RHSA-2013-0742.html
https://bugzilla.redhat.com/show_bug.cgi?id=928105
https://fedorahosted.org/389/ticket/47308
https://fedorahosted.org/freeipa/ticket/3540
https://git.fedorahosted.org/cgit/389/ds.git/commit/?h=389-ds-base-1.2.11&id=5a18c828533a670e7143327893f8171a19062286
http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101323.html
http://rhn.redhat.com/errata/RHSA-2013-0742.html
https://bugzilla.redhat.com/show_bug.cgi?id=928105
https://fedorahosted.org/389/ticket/47308
https://fedorahosted.org/freeipa/ticket/3540
https://git.fedorahosted.org/cgit/389/ds.git/commit/?h=389-ds-base-1.2.11&id=5a18c828533a670e7143327893f8171a19062286