Vulnerabilities > CVE-2015-3230 - 7PK - Security Features vulnerability in Fedoraproject 389 Directory Server
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
389 Directory Server (formerly Fedora Directory Server) before 1.3.3.12 does not enforce the nsSSL3Ciphers preference when creating an sslSocket, which allows remote attackers to have unspecified impact by requesting to use a disabled cipher.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family Fedora Local Security Checks NASL id FEDORA_2015-15128.NASL description 389-ds-base-1.3.3.13-1.fc21 - release 1.3.3.13 - Ticket 48265 - Complex filter in a search request doen last seen 2020-06-05 modified 2015-10-09 plugin id 86319 published 2015-10-09 reporter This script is Copyright (C) 2015-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/86319 title Fedora 21 : 389-ds-base-1.3.3.13-1.fc21 (2015-15128) NASL family Amazon Linux Local Security Checks NASL id ALA_ALAS-2015-567.NASL description It was reported that nsSSL3Ciphers preference is not enforced server side, this allows for a potential downgrade attack to take place. last seen 2020-06-01 modified 2020-06-02 plugin id 84927 published 2015-07-23 reporter This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/84927 title Amazon Linux AMI : 389-ds-base (ALAS-2015-567)
Redhat
advisories |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
rpms |
|