Upstream information

CVE-2015-1854 at MITRE


389 Directory Server before allows attackers to bypass intended access restrictions and modify directory entries via a crafted ldapmodrdn call.

SUSE information

Overall state of this security issue: Does not affect SUSE products

This issue is currently rated as having moderate severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 5
Vector AV:N/AC:L/Au:N/C:N/I:P/A:N
Access Vector Network
Access Complexity Low
Authentication None
Confidentiality Impact None
Integrity Impact Partial
Availability Impact None
SUSE Bugzilla entry: 929034 [RESOLVED]

No SUSE Security Announcements cross referenced.

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Module for Server Applications 15
  • 389-ds >=
  • 389-ds-devel >=
SUSE Linux Enterprise Module for Server Applications 15 GA 389-ds
openSUSE Tumbleweed
  • 389-ds >=
  • 389-ds-devel >=
openSUSE Tumbleweed GA 389-ds