Lucene search
K

226 matches found

RedHat Linux
RedHat Linux
added 2021/06/08 10:39 p.m.3 views

389-ds-base: information disclosure during the binding of a DN

When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be used by an unauthenticated attacker to check the existence of an entry in the LDAP database...

5.3CVSS5.8AI score0.01538EPSS
Exploits0References4
OSV
OSV
added 2021/05/20 1:15 p.m.1 views

DEBIAN-CVE-2021-3480

A flaw was found in slapi-nis in versions before 0.56.7. A NULL pointer dereference during the parsing of the Binding DN could allow an unauthenticated attacker to crash the 389-ds-base directory server. The highest threat from this vulnerability is to system availability...

7.5CVSS6.7AI score0.01701EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2021/05/19 10:31 a.m.2 views

slapi-nis: NULL dereference (DoS) with specially crafted Binding DN

A flaw was found in slapi-nis. A NULL pointer dereference during the parsing of the Binding DN could allow an unauthenticated attacker to crash the 389-ds-base directory server. The highest threat from this vulnerability is to system availability...

7.5CVSS5.7AI score0.01701EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/05/19 10:2 a.m.4 views

slapi-nis: NULL dereference (DoS) with specially crafted Binding DN

A flaw was found in slapi-nis. A NULL pointer dereference during the parsing of the Binding DN could allow an unauthenticated attacker to crash the 389-ds-base directory server. The highest threat from this vulnerability is to system availability...

7.5CVSS5.7AI score0.01701EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/05/18 7:8 p.m.5 views

slapi-nis: NULL dereference (DoS) with specially crafted Binding DN

A flaw was found in slapi-nis. A NULL pointer dereference during the parsing of the Binding DN could allow an unauthenticated attacker to crash the 389-ds-base directory server. The highest threat from this vulnerability is to system availability...

7.5CVSS5.7AI score0.01701EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/05/17 12:0 a.m.3 views

slapi-nis 代码问题漏洞

slapi-nis is An open source application. NIS Server plug-in and Schema Compatibility plug-in for Red Hat Directory Server and 389 Directory Server. A security vulnerability exists in slapi-nis that stems from the use of NULL pointer dereferences when resolving bind DNs could allow an...

7.5CVSS7.2AI score0.01701EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2021/04/19 3:57 p.m.3 views

389-ds-base: information disclosure during the binding of a DN

When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be used by an unauthenticated attacker to check the existence of an entry in the LDAP database...

5.3CVSS5.8AI score0.01538EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/04/19 9:56 a.m.2 views

389-ds-base: information disclosure during the binding of a DN

When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be used by an unauthenticated attacker to check the existence of an entry in the LDAP database...

5.3CVSS5.8AI score0.01538EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/04/06 3:8 p.m.4 views

389-ds-base: information disclosure during the binding of a DN

When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be used by an unauthenticated attacker to check the existence of an entry in the LDAP database...

5.3CVSS5.8AI score0.01538EPSS
Exploits0References4
OSV
OSV
added 2021/03/26 5:15 p.m.2 views

DEBIAN-CVE-2020-35518

When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be used by an unauthenticated attacker to check the existence of an entry in the LDAP database...

5.3CVSS5.6AI score0.01538EPSS
Exploits0References1
OSV
OSV
added 2021/03/25 3:32 p.m.8 views

USN-4888-2 ldb vulnerabilities

USN-4888-1 fixed several vulnerabilities in ldb. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Douglas Bagnall discovered that ldb, when used with Samba, incorrectly handled certain LDAP attributes. A remote attacker could possibly use this issue t...

7.5CVSS7.2AI score0.04328EPSS
Exploits0References3
OSV
OSV
added 2021/03/05 11:2 a.m.4 views

OESA-2021-1062 openldap security update

OpenLDAP is an open source suite of LDAP Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols for accessing directory services usually phone book style information, but other information is possible over the Internet, similar to the way DNS Domain...

7.5CVSS6.6AI score0.84224EPSS
Exploits0References11
RedHat Linux
RedHat Linux
added 2021/02/16 6:32 p.m.1 views

389-ds-base: information disclosure during the binding of a DN

When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be used by an unauthenticated attacker to check the existence of an entry in the LDAP database...

5.3CVSS5.8AI score0.01538EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/02/16 12:0 a.m.8 views

Red Hat Directory Server Information Disclosure Vulnerability

Red Hat Directory Server is a commercial Linux directory server from Red Hat, Inc. An information disclosure vulnerability exists in Red Hat Directory Server, which can be exploited by an attacker to bypass data access restrictions via the Red Hat Directory Server's DN bindings in order to obtain...

5.3CVSS6.2AI score0.01538EPSS
Exploits0References17
OSV
OSV
added 2021/02/08 12:55 p.m.9 views

USN-4724-1 openldap vulnerabilities

It was discovered that OpenLDAP incorrectly handled Certificate Exact Assertion processing. A remote attacker could possibly use this issue to cause OpenLDAP to crash, resulting in a denial of service. CVE-2020-36221 It was discovered that OpenLDAP incorrectly handled saslAuthzTo processing. A...

7.5CVSS7.2AI score0.84224EPSS
Exploits0References11
OSV
OSV
added 2021/01/26 6:15 p.m.1 views

DEBIAN-CVE-2020-36230

A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c bernextelement, resulting in denial of service...

7.5CVSS6.9AI score0.1229EPSS
Exploits0References1
OSV
OSV
added 2021/01/26 6:15 p.m.3 views

ALPINE-CVE-2020-36230

A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c bernextelement, resulting in denial of service...

7.5CVSS6.7AI score0.1229EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/01/26 12:0 a.m.6 views

OpenLDAP 安全漏洞

OpenLDAP is a free, open source implementation of the Lightweight Directory Access Protocol LDAP. A slapd security vulnerability exists in the X.509 DN parsing of decode.c bernextelement in OpenLDAP versions prior to 2.4.57. An attacker could exploit this vulnerability to cause a denial of servic...

7.5CVSS6.9AI score0.1229EPSS
Exploits0References31
OSV
OSV
added 2020/12/08 1:15 a.m.3 views

ALPINE-CVE-2020-25692

A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted request, causing a Denial of Service...

7.5CVSS6.9AI score0.02183EPSS
Exploits0References1
OSV
OSV
added 2020/12/08 1:15 a.m.2 views

DEBIAN-CVE-2020-25692

A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted request, causing a Denial of Service...

7.5CVSS7.5AI score0.02183EPSS
Exploits0References1
Rows per page
Query Builder