REDHAT-BUG-1123477
First published: Fri Jul 25 2014(Updated: )
IssueDescription: It was found that when replication was enabled for each attribute in Red Hat Directory Server / 389 Directory Server, which is the default configuration, the server returned replicated metadata when the directory was searched while debugging was enabled. A remote attacker could use this flaw to disclose potentially sensitive information. Acknowledgements: This issue was discovered by Ludwig Krispenz of Red Hat.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Red Hat Directory Server | ||
| 389 Directory Server |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=921040&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=921040&action=edit
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=921712
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=921712&action=edit
- http://www.freeipa.org/page/V4/Permissions_V2
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=921835&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=921835&action=edit
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1127833
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1127834
- https://rhn.redhat.com/errata/RHSA-2014-1032.html
- https://rhn.redhat.com/errata/RHSA-2014-1031.html
- https://bugzilla.redhat.com/show_bug.cgi?id=1123477
Frequently Asked Questions
What is the severity of REDHAT-BUG-1123477?
The severity of REDHAT-BUG-1123477 is critical due to the potential for remote attackers to access sensitive replicated metadata.
How do I fix REDHAT-BUG-1123477?
To fix REDHAT-BUG-1123477, disable debugging in the Red Hat Directory Server or apply security patches provided by Red Hat.
What are the risks associated with REDHAT-BUG-1123477?
The risks associated with REDHAT-BUG-1123477 include unauthorized access to replicated metadata which can lead to data exposure.
Who is affected by REDHAT-BUG-1123477?
Users of Red Hat Directory Server and 389 Directory Server with replication enabled are affected by REDHAT-BUG-1123477.
When was REDHAT-BUG-1123477 reported?
REDHAT-BUG-1123477 was reported recently, highlighting a significant security risk in the replication configuration.
- agent/references
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2014-3562
- agent/severity
- agent/description
- agent/event
- agent/trending
- agent/source
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/red hat
- canonical/red hat directory server
- canonical/389 directory server