CVE-2020-35518

Name	CVE-2020-35518
Description	When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be used by an unauthenticated attacker to check the existence of an entry in the LDAP database.
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
389-ds-base (PTS)	jessie, jessie (lts)	1.3.3.5-4+deb8u7	vulnerable
	stretch	1.3.5.17-2	fixed
	buster (security), buster, buster (lts)	1.4.0.21-1+deb10u1	fixed
	bullseye	1.4.4.11-2	fixed
	bookworm	2.3.1+dfsg1-1	fixed
	sid, trixie	3.1.1+dfsg1-2	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency
389-ds-base	source	jessie	(unfixed)	end-of-life
389-ds-base	source	stretch	(not affected)
389-ds-base	source	buster	(not affected)
389-ds-base	source	(unstable)	1.4.4.10-1

Notes

[buster] - 389-ds-base <not-affected> (Vulnerable code introduced later)
[stretch] - 389-ds-base <not-affected> (Vulnerable code introduced later)
https://bugzilla.redhat.com/show_bug.cgi?id=1905565
https://github.com/389ds/389-ds-base/issues/4480
https://github.com/389ds/389-ds-base/commit/cc0f69283abc082488824702dae485b8eae938bc (master)
https://github.com/389ds/389-ds-base/commit/38b97faef8a6421a7a638ecdbf0b341e2b3f9ab3 (1.4.4.10)
Introduced as side-effect of https://github.com/389ds/389-ds-base/issues/2535