389 Directory Server CVE-2013-1897 Information Disclosure Vulnerability
BID:59026
Info
389 Directory Server CVE-2013-1897 Information Disclosure Vulnerability
| Bugtraq ID: | 59026 |
| Class: | Design Error |
| CVE: |
CVE-2013-1897 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 28 2013 12:00AM |
| Updated: | Apr 13 2015 09:34PM |
| Credit: | Martin Kosek of Red Hat |
| Vulnerable: |
Redhat Enterprise Linux Workstation Optional 6 Redhat Enterprise Linux Workstation 6 Redhat Enterprise Linux Server Optional 6 Redhat Enterprise Linux Server 6 Redhat Enterprise Linux HPC Node Optional 6 Redhat Enterprise Linux Desktop Optional 6 Oracle Enterprise Linux 6.2 Oracle Enterprise Linux 6 CentOS CentOS 6 389 Directory Server 389 Directory Server 0 |
| Not Vulnerable: | |
Discussion
389 Directory Server CVE-2013-1897 Information Disclosure Vulnerability
389 Directory Server is prone to an information-disclosure vulnerability.
Remote attackers can exploit this issue to gain access to sensitive information that may aid in further attacks.
389 Directory Server is prone to an information-disclosure vulnerability.
Remote attackers can exploit this issue to gain access to sensitive information that may aid in further attacks.
Solution / Fix
389 Directory Server CVE-2013-1897 Information Disclosure Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
389 Directory Server CVE-2013-1897 Information Disclosure Vulnerability
References:
References:
- Bug 928105 - (CVE-2013-1897) CVE-2013-1897 389-ds: unintended information expos (Red Hat Bugzilla)
- 389 Directory Server Homepage (389 Directory Server)
- Ticket #47308 - unintended information exposure when anonymous access is set to (Noriko Hosoi)