851 matches found
nss_ldap randomly replying with wrong user's data
Race condition in nssldap, when used in applications that are linked against the pthread library and fork after a call to nssldap, might send user data to the wrong process because of improper handling of the LDAP connection. NOTE: this issue was originally reported for Dovecot with the wrong...
Microsoft Windows Active Directory LDAP Request Validation Remote Denial Of Service Vulnerability
Description Microsoft Windows is prone to a remote denial-of-service vulnerability because Microsoft Active Directory, ADAM Active Directory Application Mode, and AD LDS Active Directory Lightweight Directory Service fail to handle specially crafted Lightweight Directory Access Protocol LDAP...
Novell eDirectory HTTP Headers Denial of Service (CVE-2008-0927)
Novell eDirectory is a Lightweight Directory Access Protocol LDAP directory-based identity management system that centralizes the management of user identities, access privileges and many other network resources. A denial of service vulnerability was identified in Novell eDirectory. The...
Debian: Security Advisory (DSA-1541-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-1541-1 : openldap2.3 - several vulnerabilities
Several remote vulnerabilities have been discovered in OpenLDAP, a free implementation of the Lightweight Directory Access Protocol. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-5707 Thomas Sesselmann discovered that slapd could be crashed by a...
DSA-1541-1 openldap2.3
Bulletin has no description...
compat, openldap security update
CentOS Errata and Security Advisory CESA-2008:0110 Updated openldap packages that fix security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. OpenLDAP is an open source suite of...
Moderate: Red Hat Security Advisory: openldap security update
Updated openldap packages that fix security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. OpenLDAP is an open source suite of Lightweight Directory Access Protocol LDAP applicatio...
Apple iPhoto 4.0.3 DPAP Server Denial of Service Exploit
No description provided by source. !/usr/bin/perl crash the iPhoto DPAP Digital Photo Access Protocol Server on iPhoto 4.0.3 technically the server exits cleanly but it does not restart use IO::Socket::INET; die "Usage $0 targetip\n" unless $ARGV0; $| = 1; if $ARGV1 $port = $ARGV1; else ...
CVE-2008-0830
The Digital Photo Access Protocol DPAP server for iPhoto 4.0.3 allows remote attackers to cause a denial of service crash via a malformed dpap: URI, a different vulnerability than CVE-2008-0043...
Apple iOS 4.0.3 - DPAP Server Denial of Service
!/usr/bin/perl crash the iPhoto DPAP Digital Photo Access Protocol Server on iPhoto 4.0.3 technically the server exits cleanly but it does not restart use IO::Socket::INET; die "Usage $0 \n" unless $ARGV0; $| = 1; if $ARGV1 $port = $ARGV1; else $port = 8770; $socket=new...
"Apple iPhoto 4.0.3 DPAP Server Denial of Service Exploit"
No description provided by source. !/usr/bin/perl crash the iPhoto DPAP Digital Photo Access Protocol Server on iPhoto 4.0.3 technically the server exits cleanly but it does not restart use IO::Socket::INET; die "Usage $0 targetip\n" unless $ARGV0; $| = 1; if $ARGV1 $port = $ARGV1; else $port =...
[SECURITY] Fedora 7 Update: openldap-2.3.34-6.fc7
OpenLDAP is an open source suite of LDAP Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols for accessing directory services usually phone book style information, but other information is possible over the Internet, similar to the way DNS Domain...
DEBIAN-CVE-2007-6598
Dovecot before 1.0.10, with certain configuration options including use of %variables, does not properly maintain the LDAP+auth cache, which might allow remote authenticated users to login as a different user who has the same password...
[SECURITY] Fedora 7 Update: openldap-2.3.34-4.fc7
OpenLDAP is an open source suite of LDAP Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols for accessing directory services usually phone book style information, but other information is possible over the Internet, similar to the way DNS Domain...
[SECURITY] Fedora Core 6 Update: openldap-2.3.30-3.fc6
OpenLDAP is an open source suite of LDAP Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols for accessing directory services usually phone book style information, but other information is possible over the Internet, similar to the way DNS Domain...
[SECURITY] Fedora 8 Update: openldap-2.3.39-1.fc8
OpenLDAP is an open source suite of LDAP Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols for accessing directory services usually phone book style information, but other information is possible over the Internet, similar to the way DNS Domain...
Cisco Security Advisory: LDAP and VPN Vulnerabilities in PIX and ASA Appliances
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: LDAP and VPN Vulnerabilities in PIX and ASA Appliances Advisory ID: cisco-sa-20070502-asa http://www.cisco.com/warp/public/707/cisco-sa-20070502-asa.shtml Revision 1.0 Last Updated 2007 May 02 1600 UTC GMT For Public Release...
PT-2007-3786 · Cisco · Cisco Asa +1
Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA and PIX version 7.2 before 7.228 Description: The issue concerns an unspecified vulnerability that allows remote attackers to bypass LDAP authentication and gain privileges when using Layer 2 Tunneling...
Cisco Security Agent Management Center vulnerable to authentication bypass
Overview Cisco Security Agent Management Center CSAMC may be vulnerable to authentication bypass when configured to use an external Lightweight Directory Access Protocol LDAP server for authentication. Description Cisco Security Agent Management Center CSAMC is a component of the CiscoWorks VPN...