A vulnerability has been found in 389 Directory Server up to 1.3.3.11 (Directory Service Software) and classified as critical. Affected by this vulnerability is an unknown code of the component sslSocket Handler. The manipulation of the argument nsSSL3Ciphers with an unknown input leads to a 7pk security vulnerability. The CWE definition for the vulnerability is CWE-254. As an impact it is known to affect confidentiality, integrity, and availability. The summary by CVE is:

389 Directory Server (formerly Fedora Directory Server) before 1.3.3.12 does not enforce the nsSSL3Ciphers preference when creating an sslSocket, which allows remote attackers to have unspecified impact by requesting to use a disabled cipher.

The weakness was presented 10/29/2015 (Website). It is possible to read the advisory at directory.fedoraproject.org. This vulnerability is known as CVE-2015-3230 since 04/10/2015. The attack can be launched remotely. The exploitation doesn't need any form of authentication. Technical details of the vulnerability are known, but there is no available exploit. The attack technique deployed by this issue is T1211 according to MITRE ATT&CK.

The vulnerability scanner Nessus provides a plugin with the ID 84927 , which helps to determine the existence of the flaw in a target environment.

Upgrading to version 1.3.3.12 eliminates this vulnerability.

The vulnerability is also documented in the vulnerability database at Tenable (84927).

Productinfo

Type

• Directory Service Software

Vendor

• 389

Name

• Directory Server

Version

• 1.3.3.0
• 1.3.3.1
• 1.3.3.2
• 1.3.3.3
• 1.3.3.4
• 1.3.3.5
• 1.3.3.6
• 1.3.3.7
• 1.3.3.8
• 1.3.3.9
• 1.3.3.10
• 1.3.3.11

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion