CVE-2012-4450
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2012-4450
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2012-4450.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2012-4450
- Related
- Published
- 2012-10-01T03:26:16Z
- Modified
- 2024-12-09T16:00:47Z
- Summary
- [none]
- Details
-
389 Directory Server 1.2.10 does not properly update the ACL when a DN entry is moved by a modrdn operation, which allows remote authenticated users with certain permissions to bypass ACL restrictions and access the DN entry.
- References
-
- http://git.fedorahosted.org/cgit/389/ds.git/commit/?id=5beb93d42efb807838c09c5fab898876876f8d09
- http://rhn.redhat.com/errata/RHSA-2013-0503.html
- http://secunia.com/advisories/50713
- https://bugzilla.redhat.com/show_bug.cgi?id=860772
- http://www.openwall.com/lists/oss-security/2012/09/26/3
- http://www.openwall.com/lists/oss-security/2012/09/26/5
- http://www.securityfocus.com/bid/55690
- https://fedorahosted.org/389/ticket/340
- https://security-tracker.debian.org/tracker/CVE-2012-4450
Affected packages
Debian:11 / 389-ds-base
Package
- Name
- 389-ds-base
- Purl
- pkg:deb/debian/389-ds-base?arch=source
Debian:12 / 389-ds-base
Package
- Name
- 389-ds-base
- Purl
- pkg:deb/debian/389-ds-base?arch=source