{"id":"MGASA-2014-0145","summary":"Updated 389-ds-base package fixes security vulnerability","details":"It was discovered that the 389 Directory Server did not properly handle\ncertain SASL-based authentication mechanisms. A user able to authenticate\nto the directory using these SASL mechanisms could connect as any other\ndirectory user, including the administrative Directory Manager account.\nThis could allow them to modify configuration values, as well as read and\nwrite any data the directory holds (CVE-2014-0132).\n","modified":"2026-04-16T06:23:44.671164410Z","published":"2014-03-31T19:44:51Z","upstream":["CVE-2014-0132"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2014-0145.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=13019"},{"type":"WEB","url":"https://rhn.redhat.com/errata/RHSA-2014-0292.html"}],"affected":[{"package":{"name":"389-ds-base","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/389-ds-base?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.3.0.9-1.1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0145.json"}},{"package":{"name":"389-ds-base","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/389-ds-base?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.3.2.7-1.1.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0145.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}