Fluid Attacks Database

Description

389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to obtain user passwords.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 12	389-ds-base	>=0 <1.3.5.15-1	1.3.5.15-1
debian 13	389-ds-base	>=0 <1.3.5.15-1	1.3.5.15-1
debian 11	389-ds-base	>=0 <1.3.5.15-1	1.3.5.15-1
rpm rhel7	389-ds-base	<0:1.3.5.10-11.el7	0:1.3.5.10-11.el7
rpm rhel6	389-ds-base	<0:1.2.11.15-84.el6_8	0:1.2.11.15-84.el6_8

Aliases

1. CVE-2016-54052. NVD-2016-54053. OSV-DEBIAN-2016-54054. OSV-2016-54055. SECURITY-TRACKER-CVE-2016-5405

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.