226 matches found
Ntop nDPI Buffer Overflow Vulnerability (CNVD-2020-36701)
Ntop nDPI is an open source library for deep packet inspection from Ntop Italy. A buffer overflow vulnerability exists in the extractRDNSequence of the lib/protocols/tls.c file in Ntop nDPI 3.2 and earlier versions. The vulnerability stems from a network system or product performing operations in...
CVE-2020-4320
IBM MQ Appliance and IBM MQ AMQP Channels 8.0, 9.0 LTS, 9.1 LTS, and 9.1 CD do not correctly block or allow clients based on the certificate distinguished name SSLPEER setting. IBM X-Force ID: 177403...
Huawei EulerOS: Security Advisory for krb5 (EulerOS-SA-2018-1007)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DEBIAN-CVE-2019-13057
An issue was discovered in the server in OpenLDAP before 2.4.48. When the server administrator delegates rootDN database admin privileges for certain databases but wants to maintain isolation e.g., for multi-tenant deployments, slapd does not properly stop a rootDN from requesting authorization a...
ALPINE-CVE-2019-13057
An issue was discovered in the server in OpenLDAP before 2.4.48. When the server administrator delegates rootDN database admin privileges for certain databases but wants to maintain isolation e.g., for multi-tenant deployments, slapd does not properly stop a rootDN from requesting authorization a...
UBUNTU-CVE-2019-13057
An issue was discovered in the server in OpenLDAP before 2.4.48. When the server administrator delegates rootDN database admin privileges for certain databases but wants to maintain isolation e.g., for multi-tenant deployments, slapd does not properly stop a rootDN from requesting authorization a...
PT-2019-4149 · Openldap +3 · Openldap +3
Name of the Vulnerable Software and Affected Versions: OpenLDAP versions prior to 2.4.48 Description: An issue in the server allows a rootDN to request authorization as an identity from another database during a SASL bind or with a proxyAuthz control, potentially leading to information disclosure...
krb5: DN container check bypass by supplying special crafted data
MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a "linkdn" and "containerdn" database argument, or by supplying a DN string which is a left extension of a container DN stri...
389-ds-base: Server crash through modify command with large DN
A vulnerability was discovered in 389-ds-base. The lock controlling the error log was not correctly used when re-opening the log file in logerroremergency. An attacker could send a flood of modifications to a very large DN, which would cause slapd to crash...
UBUNTU-CVE-2018-14624
A vulnerability was discovered in 389-ds-base through versions 1.3.7.10, 1.3.8.8 and 1.4.0.16. The lock controlling the error log was not correctly used when re-opening the log file in logerroremergency. An attacker could send a flood of modifications to a very large DN, which would cause slapd t...
DEBIAN-CVE-2014-3999
The HordeLdap library before 2.0.6 for Horde allows remote attackers to bypass authentication by leveraging knowledge of the LDAP bind user DN...
MIT krb5 Security Bypass Vulnerability
MIT krb5 also known as MIT Kerberos 5 is the United States Massachusetts Institute of Technology MIT developed a set of network authentication protocols, which uses a client/server structure, and the client and server side can be authenticated to each other i.e., double authentication to prevent...
DEBIAN-CVE-2018-5730
MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a "linkdn" and "containerdn" database argument, or by supplying a DN string which is a left extension of a container DN stri...
UBUNTU-CVE-2018-5730
MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a "linkdn" and "containerdn" database argument, or by supplying a DN string which is a left extension of a container DN stri...
EulerOS 2.0 SP2 : krb5 (EulerOS-SA-2018-1008)
According to the version of the krb5 packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - plugins/preauth/pkinit/pkinitcryptoopenssl.c in MIT Kerberos 5 aka krb5 through 1.15.2 mishandles Distinguished Name DN fields, which allows remote...
EulerOS 2.0 SP1 : krb5 (EulerOS-SA-2018-1007)
According to the version of the krb5 packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - plugins/preauth/pkinit/pkinitcryptoopenssl.c in MIT Kerberos 5 aka krb5 through 1.15.2 mishandles Distinguished Name DN fields, which allows remote...
DEBIAN-CVE-2017-15088
plugins/preauth/pkinit/pkinitcryptoopenssl.c in MIT Kerberos 5 aka krb5 through 1.15.2 mishandles Distinguished Name DN fields, which allows remote attackers to execute arbitrary code or cause a denial of service buffer overflow and application crash in situations involving untrusted X.509 data,...
CVE-2017-15088
plugins/preauth/pkinit/pkinitcryptoopenssl.c in MIT Kerberos 5 aka krb5 through 1.15.2 mishandles Distinguished Name DN fields, which allows remote attackers to execute arbitrary code or cause a denial of service buffer overflow and application crash in situations involving untrusted X.509 data,...
CVE-2017-15088
plugins/preauth/pkinit/pkinitcryptoopenssl.c in MIT Kerberos 5 aka krb5 through 1.15.2 mishandles Distinguished Name DN fields, which allows remote attackers to execute arbitrary code or cause a denial of service buffer overflow and application crash in situations involving untrusted X.509 data,...
Buffer overflow
plugins/preauth/pkinit/pkinitcryptoopenssl.c in MIT Kerberos 5 aka krb5 through 1.15.2 mishandles Distinguished Name DN fields, which allows remote attackers to execute arbitrary code or cause a denial of service buffer overflow and application crash in situations involving untrusted X.509 data,...