226 matches found
389-ds-base: information disclosure during the binding of a DN
When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be used by an unauthenticated attacker to check the existence of an entry in the LDAP database...
DEBIAN-CVE-2021-3480
A flaw was found in slapi-nis in versions before 0.56.7. A NULL pointer dereference during the parsing of the Binding DN could allow an unauthenticated attacker to crash the 389-ds-base directory server. The highest threat from this vulnerability is to system availability...
slapi-nis: NULL dereference (DoS) with specially crafted Binding DN
A flaw was found in slapi-nis. A NULL pointer dereference during the parsing of the Binding DN could allow an unauthenticated attacker to crash the 389-ds-base directory server. The highest threat from this vulnerability is to system availability...
slapi-nis: NULL dereference (DoS) with specially crafted Binding DN
A flaw was found in slapi-nis. A NULL pointer dereference during the parsing of the Binding DN could allow an unauthenticated attacker to crash the 389-ds-base directory server. The highest threat from this vulnerability is to system availability...
slapi-nis: NULL dereference (DoS) with specially crafted Binding DN
A flaw was found in slapi-nis. A NULL pointer dereference during the parsing of the Binding DN could allow an unauthenticated attacker to crash the 389-ds-base directory server. The highest threat from this vulnerability is to system availability...
slapi-nis 代码问题漏洞
slapi-nis is An open source application. NIS Server plug-in and Schema Compatibility plug-in for Red Hat Directory Server and 389 Directory Server. A security vulnerability exists in slapi-nis that stems from the use of NULL pointer dereferences when resolving bind DNs could allow an...
389-ds-base: information disclosure during the binding of a DN
When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be used by an unauthenticated attacker to check the existence of an entry in the LDAP database...
389-ds-base: information disclosure during the binding of a DN
When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be used by an unauthenticated attacker to check the existence of an entry in the LDAP database...
389-ds-base: information disclosure during the binding of a DN
When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be used by an unauthenticated attacker to check the existence of an entry in the LDAP database...
DEBIAN-CVE-2020-35518
When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be used by an unauthenticated attacker to check the existence of an entry in the LDAP database...
USN-4888-2 ldb vulnerabilities
USN-4888-1 fixed several vulnerabilities in ldb. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Douglas Bagnall discovered that ldb, when used with Samba, incorrectly handled certain LDAP attributes. A remote attacker could possibly use this issue t...
OESA-2021-1062 openldap security update
OpenLDAP is an open source suite of LDAP Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols for accessing directory services usually phone book style information, but other information is possible over the Internet, similar to the way DNS Domain...
389-ds-base: information disclosure during the binding of a DN
When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be used by an unauthenticated attacker to check the existence of an entry in the LDAP database...
Red Hat Directory Server Information Disclosure Vulnerability
Red Hat Directory Server is a commercial Linux directory server from Red Hat, Inc. An information disclosure vulnerability exists in Red Hat Directory Server, which can be exploited by an attacker to bypass data access restrictions via the Red Hat Directory Server's DN bindings in order to obtain...
USN-4724-1 openldap vulnerabilities
It was discovered that OpenLDAP incorrectly handled Certificate Exact Assertion processing. A remote attacker could possibly use this issue to cause OpenLDAP to crash, resulting in a denial of service. CVE-2020-36221 It was discovered that OpenLDAP incorrectly handled saslAuthzTo processing. A...
DEBIAN-CVE-2020-36230
A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c bernextelement, resulting in denial of service...
ALPINE-CVE-2020-36230
A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c bernextelement, resulting in denial of service...
OpenLDAP 安全漏洞
OpenLDAP is a free, open source implementation of the Lightweight Directory Access Protocol LDAP. A slapd security vulnerability exists in the X.509 DN parsing of decode.c bernextelement in OpenLDAP versions prior to 2.4.57. An attacker could exploit this vulnerability to cause a denial of servic...
ALPINE-CVE-2020-25692
A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted request, causing a Denial of Service...
DEBIAN-CVE-2020-25692
A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted request, causing a Denial of Service...