226 matches found

OSV
added 2017/11/23 5:29 p.m. | 21 views

CVE-2017-15088

plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5 (aka krb5) through 1.15.2 mishandles Distinguished Name (DN) fields, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) in situations involving untrusted X.509 data,...

CVSS 9.8 | AI score 8.2
Exploits 0 | References 5
OSV
added 2017/11/23 5:29 p.m. | 1 views

UBUNTU-CVE-2017-15088

plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5 (aka krb5) through 1.15.2 mishandles Distinguished Name (DN) fields, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) in situations involving untrusted X.509 data,...

CVSS 9.8 | AI score 7.4 | EPSS 0.0837
Exploits 0 | References 3
Cvelist
added 2017/11/23 5:0 p.m. | 30 views

CVE-2017-15088

plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5 (aka krb5) through 1.15.2 mishandles Distinguished Name (DN) fields, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) in situations involving untrusted X.509 data,...

AI score 9.8 | EPSS 0.0837
Exploits 0 | References 5
Debian CVE
added 2017/11/23 5:0 p.m. | 28 views

CVE-2017-15088

plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5 (aka krb5) through 1.15.2 mishandles Distinguished Name (DN) fields, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) in situations involving untrusted X.509 data,...

CVSS 9.8 | AI score 8.8 | EPSS 0.0837
Exploits 0
AlpineLinux
added 2017/11/23 5:0 p.m. | 38 views

CVE-2017-15088

plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5 (aka krb5) through 1.15.2 mishandles Distinguished Name (DN) fields, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) in situations involving untrusted X.509 data,...

CVSS 9.8 | AI score 10 | EPSS 0.0837
Exploits 0
seebug.org
added 2017/09/19 12:0 a.m. | 918 views

Randombit Botan Library X509 Certificate Validation Bypass Vulnerability (CVE-2017-2801)

Summary: A programming error exists in the way Randombit Botan cryptographic library version 2.0.1 implements x500 string comparisons, which could lead to certificate verification issues and abuse. A specially crafted X509 certificate would need to be delivered to the client or server application in...

CVSS 7.5 | AI score 9.1 | EPSS 0.05741
Exploits 5
Tenable Nessus
added 2017/07/13 12:0 a.m. | 22 views

Virtuozzo 6 : 389-ds-base / 389-ds-base-devel / 389-ds-base-libs (VZLSA-2017-0893)

An update for 389-ds-base is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability fr...

CVSS 6.5 | AI score 6.6 | EPSS 0.02627
Exploits 0 | References 3
OSV
added 2017/06/08 7:29 p.m. | 3 views

UBUNTU-CVE-2016-4992

389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to infer the existence of RDN component objects...

CVSS 7.5 | AI score 7 | EPSS 0.02412
Exploits 0 | References 3
RedHat Linux
added 2017/05/09 4:41 p.m. | 4 views

OpenJDK: LdapLoginModule incorrect userDN extraction (JAAS, 8161743)

It was discovered that the JAAS component of OpenJDK did not use the correct way to extract user DN from the result of the user search LDAP query. A specially crafted user LDAP entry could cause the application to use an incorrect DN...

CVSS 5.8 | AI score 7.3 | EPSS 0.01933
Exploits 0 | References 4
Tenable Nessus
added 2017/04/12 12:0 a.m. | 37 views

Scientific Linux Security Update : 389-ds-base on SL6.x i386/x86_64 (20170411)

Security Fixes: - An invalid pointer dereference flaw was found in the way 389-ds-base handled LDAP bind requests. A remote unauthenticated attacker could use this flaw to make ns-slapd crash via a specially crafted LDAP bind request, resulting in denial of service. (CVE-2017-2668) Bug Fixes: -...

CVSS 6.5 | AI score 6.6 | EPSS 0.02627
Exploits 0 | References 2
RedHat Linux
added 2017/02/28 8:29 a.m. | 2 views

OpenJDK: LdapLoginModule incorrect userDN extraction (JAAS, 8161743)

It was discovered that the JAAS component of OpenJDK did not use the correct way to extract user DN from the result of the user search LDAP query. A specially crafted user LDAP entry could cause the application to use an incorrect DN...

CVSS 5.8 | AI score 7.3 | EPSS 0.01933
Exploits 0 | References 4
RedHat Linux
added 2017/02/28 8:19 a.m. | 4 views

OpenJDK: LdapLoginModule incorrect userDN extraction (JAAS, 8161743)

It was discovered that the JAAS component of OpenJDK did not use the correct way to extract user DN from the result of the user search LDAP query. A specially crafted user LDAP entry could cause the application to use an incorrect DN...

CVSS 5.8 | AI score 7.3 | EPSS 0.01933
Exploits 0 | References 4
RedHat Linux
added 2017/02/13 11:17 a.m. | 6 views

OpenJDK: LdapLoginModule incorrect userDN extraction (JAAS, 8161743)

It was discovered that the JAAS component of OpenJDK did not use the correct way to extract user DN from the result of the user search LDAP query. A specially crafted user LDAP entry could cause the application to use an incorrect DN...

CVSS 5.8 | AI score 7.3 | EPSS 0.01933
Exploits 0 | References 4
RedHat Linux
added 2017/01/20 11:4 a.m. | 2 views

OpenJDK: LdapLoginModule incorrect userDN extraction (JAAS, 8161743)

It was discovered that the JAAS component of OpenJDK did not use the correct way to extract user DN from the result of the user search LDAP query. A specially crafted user LDAP entry could cause the application to use an incorrect DN...

CVSS 5.8 | AI score 7.3 | EPSS 0.01933
Exploits 0 | References 4
RedHat Linux
added 2017/01/19 2:8 p.m. | 5 views

OpenJDK: LdapLoginModule incorrect userDN extraction (JAAS, 8161743)

It was discovered that the JAAS component of OpenJDK did not use the correct way to extract user DN from the result of the user search LDAP query. A specially crafted user LDAP entry could cause the application to use an incorrect DN...

CVSS 5.8 | AI score 7.3 | EPSS 0.01933
Exploits 0 | References 4
RedHat Linux
added 2017/01/19 1:59 p.m. | 4 views

OpenJDK: LdapLoginModule incorrect userDN extraction (JAAS, 8161743)

It was discovered that the JAAS component of OpenJDK did not use the correct way to extract user DN from the result of the user search LDAP query. A specially crafted user LDAP entry could cause the application to use an incorrect DN...

CVSS 5.8 | AI score 7.3 | EPSS 0.01933
Exploits 0 | References 4
RedHat Linux
added 2017/01/19 1:58 p.m. | 8 views

OpenJDK: LdapLoginModule incorrect userDN extraction (JAAS, 8161743)

It was discovered that the JAAS component of OpenJDK did not use the correct way to extract user DN from the result of the user search LDAP query. A specially crafted user LDAP entry could cause the application to use an incorrect DN...

CVSS 5.8 | AI score 7.3 | EPSS 0.01933
Exploits 0 | References 4
OSV
added 2016/05/13 12:0 a.m. | 1 views

UBUNTU-CVE-2016-4574

Off-by-one error in the append_utf8_value function in the DN decoder (dn.c) in Libksba before 1.3.4 allows remote attackers to cause a denial of service (out-of-bounds read) via invalid utf-8 encoded data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-4356...

CVSS 7.5 | AI score 7.2 | EPSS 0.02761
Exploits 0 | References 3
RedHat Linux
added 2016/01/08 10:17 a.m. | 5 views

libldb: remote memory read in the Samba LDAP server

A memory-read flaw was found in the way the libldb library processed LDB DN records with a null byte. An authenticated, remote attacker could use this flaw to read heap-memory pages from the server...

CVSS 7.5 | AI score 7.2 | EPSS 0.06114
Exploits 0 | References 5
OpenVAS
added 2015/11/11 12:0 a.m. | 27 views

CentOS Update for libipa_hbac CESA-2015:2019 centos6

Check the version of libipa_hbac. SPDX-FileCopyrightText: 2015 Greenbone AG. Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. if(description) script_oid("1.3.6.1.4.1.25623.1.0.882323");...

CVSS 6.8 | AI score 7.2 | EPSS 0.03666
Exploits 0 | References 2