Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
freebsdFreeBSDAE7124FF-547C-11DB-8F1A-000A48049292
HistoryJun 14, 2006 - 12:00 a.m.

openldap -- slapd acl selfwrite Security Issue

2006-06-1400:00:00
vuxml.freebsd.org
14

2.3 Low

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:A/AC:M/Au:S/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

69.8%

JSON

Howard Chu reports:

An ACL of the form ‘access to dn.subtree=“ou=groups,
dc=example,dc=com” attr=member by * selfwrite’ is intended
to only allow users to add/delete their own DN to the
target attribute. Currently it allows any DNs to be
modified.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchopenldap-server< 2.3.25UNKNOWN
FreeBSDanynoarchopenldap-sasl-server< 2.3.25UNKNOWN

Related

nessus 12
redhat 2
oraclelinux 1
openvas 4
centos 2
cve 1
ubuntucve 1
gentoo 1
securityvulns 1
vmware 1
nessus
nessus
Scientific Linux Security Update : openldap on SL3.x i386/x86_64
2012-08-01 00:00:00
RHEL 4 : openldap (RHSA-2007:0310)
2007-05-02 00:00:00
CentOS 3 : openldap (CESA-2007:0430)
2007-06-14 00:00:00
redhat
redhat
(RHSA-2007:0310) Low: openldap security update
2007-05-01 00:00:00
(RHSA-2007:0430) Low: openldap security and bug-fix update
2007-06-11 13:45:45
oraclelinux
oraclelinux
Low: openldap security update
2007-05-17 00:00:00
openvas
openvas
FreeBSD Ports: openldap-server, openldap-sasl-server
2008-09-04 00:00:00
FreeBSD Ports: openldap-server, openldap-sasl-server
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200711-23 (vmware-workstation vmware-player)
2008-09-24 00:00:00
centos
centos
compat, gdm, openldap security update
2007-05-02 08:52:57
openldap security update
2007-06-11 21:07:22
cve
cve
CVE-2006-4600
2006-09-07 00:04:00
ubuntucve
ubuntucve
CVE-2006-4600
2006-09-07 00:00:00
gentoo
gentoo
VMware Workstation and Player: Multiple vulnerabilities
2007-11-18 00:00:00
securityvulns
securityvulns
VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player
2007-09-21 00:00:00
vmware
vmware
Updated versions of all supported hosted products and all ESX 2x products and patches for ESX 30x address critical security updates. Service Console security updates for samba, bind, krb5, vixie-cron, shadow-utils, openldap, pam, gcc, and gdb packages.
2007-09-18 00:00:00

2.3 Low

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:A/AC:M/Au:S/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

69.8%

JSON
Related for AE7124FF-547C-11DB-8F1A-000A48049292
nessus12redhat2oraclelinux1openvas4centos2cve1ubuntucve1gentoo1securityvulns1vmware1