79 matches found
OpenJDK LDAP client remote code execution (6737315)
Unspecified vulnerability in the LDAP implementation in Java SE Development Kit JDK and Java Runtime Environment JRE 5.0 Update 17 and earlier; 6 Update 12 and earlier; SDK and JRE 1.3.124 and earlier; and 1.4.219 and earlier allows remote LDAP servers to execute arbitrary code via unknown vector...
phpLDAPadmin - Local File Inclusion
phpLDAPadmin - Local File Inclusion PHPLDAPADMIN LOCAL FILE INCLUSION author : ipsecs website : http://ipsecs.com Date : December, 10th, 2009 -i- Description "Phpldapadmin is web based LDAP client which provides easy, anywhere-accessible, multi-language administration for LDAP server."...
phpldapadmin Local File Inclusion
Exploit for unknown platform in category web applications ================================= phpldapadmin Local File Inclusion ================================= PHPLDAPADMIN LOCAL FILE INCLUSION author : ipsecs website : http://ipsecs.com Date : December, 10th, 2009 -i- Description "Phpldapadmin i...
CVE-2009-4080
Multiple unspecified vulnerabilities in ldapcachemgr aka the LDAP client configuration cache daemon in Sun Solaris 9 and 10, and OpenSolaris before snv78, allow local users to cause a denial of service daemon crash via vectors involving multiple serviceSearchDescriptor attributes and a call to th...
OpenJDK LDAP client remote code execution (6737315)
Unspecified vulnerability in the LDAP implementation in Java SE Development Kit JDK and Java Runtime Environment JRE 5.0 Update 17 and earlier; 6 Update 12 and earlier; SDK and JRE 1.3.124 and earlier; and 1.4.219 and earlier allows remote LDAP servers to execute arbitrary code via unknown vector...
LDAP Client Anonymous Bind Connection
Binary data 4316.prm...
LDAP Client Anonymous Bind Utilization
Binary data 4317.prm...
CVE-2002-2328
Technical details for CVE-2002-2328 are not publicly available in the provided documents. No affected products, versions, or remediation are specified here. Monitor for updates from Red Hat/NVD/CVE sources.
CVE-2002-2328
Active Directory in Windows 2000, when supporting Kerberos V authentication and GSSAPI, allows remote attackers to cause a denial of service hang via an LDAP client that sets the page length to zero during a large request...
CentOS 4 : openldap / nss_ldap (CESA-2005:767)
Updated openldap and nssldap packages that correct a potential password disclosure issue and possible authentication vulnerability are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. OpenLDAP is an open source suite of LDAP...
Sun Solaris LDAP client information leak
Command parameters, including password are available from tasks list...
CVE-2005-3170
CVE-2005-3170 affects Microsoft Windows 2000 prior to Update Rollup 1 for SP4. The LDAP client accepts LDAPS certificates even when the CA is not trusted, enabling attackers to mislead users into thinking they are on a trusted site. No exploitation details are provided in the sources. Remediation...
CVE-2005-3170
The LDAP client on Microsoft Windows 2000 before Update Rollup 1 for SP4 accepts certificates using LDAP Secure Sockets Layer LDAPS even when the Certificate Authority CA is not trusted, which could allow attackers to trick users into believing that they are accessing a trusted site...
phpLDAPadmin: Authentication bypass
Background phpLDAPadmin is a web-based LDAP client allowing to easily manage LDAP servers. Description Alexander Gerasiov discovered a flaw in login.php preventing the application from validating whether anonymous bind has been disabled in the target LDAP server configuration. Impact Anonymous...
CVE-2002-0697
Microsoft Metadirectory Services MMS 2.2 allows remote attackers to bypass authentication and modify sensitive data by using an LDAP client to directly connect to MMS and bypass the checks for MMS credentials...
CVE-2002-2328
Active Directory in Windows 2000, when supporting Kerberos V authentication and GSSAPI, allows remote attackers to cause a denial of service hang via an LDAP client that sets the page length to zero during a large request...
CVE-2002-0697
Microsoft Metadirectory Services MMS 2.2 allows remote attackers to bypass authentication and modify sensitive data by using an LDAP client to directly connect to MMS and bypass the checks for MMS credentials...
Security Bulletin MS02-036: Authentication Flaw in Microsoft Metadirectory Services Could Allow Privilege Elevation (Q317138)
---------------------------------------------------------------------- Title: Authentication Flaw in Microsoft Metadirectory Services Could Allow Privilege Elevation Q317138 Date: 24 July 2002 Software: Microsoft Metadirectory Services 2.2 Impact: Elevation of privilege Max Risk: Medium Bulletin:...
DUO-PSA-2016-001: Duo Product Security Advisory
Duo Product Security Advisory Advisory ID: DUO-PSA-2016-001 Original Publication Date: 2016-05-11 Revision Date: 2016-05-23 Status: Confirmed, Fixed Document Revision: 3 Overview Duo Security has identified multiple issues in the Duo Authentication Proxy which, under certain configurations, could...