CVE-2015-3230 - 7PK - Security Features vulnerability in Fedoraproject 389 Directory Server

CVSS: 0.0 - NONE
Attack vector: UNKNOWN
Attack complexity: UNKNOWN
Privileges required: UNKNOWN
Confidentiality impact: UNKNOWN
Integrity impact: UNKNOWN
Availability impact: UNKNOWN

Summary

389 Directory Server (formerly Fedora Directory Server) before 1.3.3.12 does not enforce the nsSSL3Ciphers preference when creating an sslSocket, which allows remote attackers to have unspecified impact by requesting to use a disabled cipher.

Vulnerable Configurations

Part | Description | Count
Application | Fedoraproject | 112

Common Weakness Enumeration (CWE)

Nessus

  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2015-15128.NASL
    description: 389-ds-base-1.3.3.13-1.fc21 - release 1.3.3.13 - Ticket 48265 - Complex filter in a search request doen
    last seen: 2020-06-05
    modified: 2015-10-09
    plugin id: 86319
    published: 2015-10-09
    reporter: This script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/86319
    title: Fedora 21 : 389-ds-base-1.3.3.13-1.fc21 (2015-15128)
  • NASL family: Amazon Linux Local Security Checks
    NASL id: ALA_ALAS-2015-567.NASL
    description: It was reported that nsSSL3Ciphers preference is not enforced server side, this allows for a potential downgrade attack to take place.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 84927
    published: 2015-07-23
    reporter: This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/84927
    title: Amazon Linux AMI : 389-ds-base (ALAS-2015-567)

Redhat

advisories
bugzilla
  id: 1230038
  title: idm/ipa 389-ds-base entry cache converges to 500 KB in dblayer_is_cachesize_sane
oval
OR
  • comment: Red Hat Enterprise Linux must be installed
    oval: oval:com.redhat.rhba:tst:20070304026
  • AND
    • comment: Red Hat Enterprise Linux 7 is installed
      oval: oval:com.redhat.rhba:tst:20150364027
    • OR
      • AND
        • comment: 389-ds-base-devel is earlier than 0:1.3.3.1-20.el7_1
          oval: oval:com.redhat.rhba:tst:20151554001
        • comment: 389-ds-base-devel is signed with Red Hat redhatrelease2 key
          oval: oval:com.redhat.rhba:tst:20151554002
      • AND
        • comment: 389-ds-base-libs is earlier than 0:1.3.3.1-20.el7_1
          oval: oval:com.redhat.rhba:tst:20151554003
        • comment: 389-ds-base-libs is signed with Red Hat redhatrelease2 key
          oval: oval:com.redhat.rhba:tst:20151554004
      • AND
        • comment: 389-ds-base is earlier than 0:1.3.3.1-20.el7_1
          oval: oval:com.redhat.rhba:tst:20151554005
        • comment: 389-ds-base is signed with Red Hat redhatrelease2 key
          oval: oval:com.redhat.rhba:tst:20151554006
rhsa
  id: RHBA-2015:1554
  released: 2015-08-05
  severity: None
  title: RHBA-2015:1554: 389-ds-base bug fix update (None)
rpms
  • 389-ds-base-0:1.3.3.1-20.ael7b_1
  • 389-ds-base-0:1.3.3.1-20.el7_1
  • 389-ds-base-debuginfo-0:1.3.3.1-20.ael7b_1
  • 389-ds-base-debuginfo-0:1.3.3.1-20.el7_1
  • 389-ds-base-devel-0:1.3.3.1-20.ael7b_1
  • 389-ds-base-devel-0:1.3.3.1-20.el7_1
  • 389-ds-base-libs-0:1.3.3.1-20.ael7b_1
  • 389-ds-base-libs-0:1.3.3.1-20.el7_1