MGASA-2014-0145

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2014-0145.html

Import Source

https://advisories.mageia.org/MGASA-2014-0145.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2014-0145

Upstream

CVE-2014-0132

Published

2014-03-31T19:44:51Z

Modified

2026-04-16T06:23:44.671164410Z

Summary

Updated 389-ds-base package fixes security vulnerability

Details

It was discovered that the 389 Directory Server did not properly handle certain SASL-based authentication mechanisms. A user able to authenticate to the directory using these SASL mechanisms could connect as any other directory user, including the administrative Directory Manager account. This could allow them to modify configuration values, as well as read and write any data the directory holds (CVE-2014-0132).

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:3 / 389-ds-base

Package

Name: 389-ds-base
Purl: pkg:rpm/mageia/389-ds-base?arch=source&distro=mageia-3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.3.0.9-1.1.mga3

Ecosystem specific

{
    "section": "core"
}

Database specific

source

"https://advisories.mageia.org/MGASA-2014-0145.json"

Mageia:4 / 389-ds-base

Package

Name: 389-ds-base
Purl: pkg:rpm/mageia/389-ds-base?arch=source&distro=mageia-4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.3.2.7-1.1.mga4

Ecosystem specific

{
    "section": "core"
}

Database specific

source

"https://advisories.mageia.org/MGASA-2014-0145.json"