Vulnerabilities > Redhat > Freeipa > 2.1.4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-11-03 | CVE-2013-0336 | Improper Input Validation vulnerability in Redhat Freeipa The ipapwd_chpwop function in daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c in the directory server (dirsrv) in FreeIPA before 3.2.0 allows remote attackers to cause a denial of service (crash) via a connection request without a username/dn, related to the 389 directory server. | 5.0 |
2013-01-27 | CVE-2012-5484 | Cryptographic Issues vulnerability in Redhat Freeipa The client in FreeIPA 2.x and 3.x before 3.1.2 does not properly obtain the Certification Authority (CA) certificate from the server, which allows man-in-the-middle attackers to spoof a join procedure via a crafted certificate. | 7.9 |