Lucene search
K

39 matches found

Tenable Nessus
Tenable Nessus
added 2016/03/22 12:0 a.m.31 views

Solaris 10 (x86) : 150546-02 (deprecated)

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: PAM LDAP module. Supported versions that are affected are 10 and 11.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Solaris...

10CVSS9.1AI score0.0334EPSS
Exploits0References2
CNVD
CNVD
added 2015/04/13 12:0 a.m.1 views

Dahan version of JCMS2.4 LDAP module file upload vulnerability

Dahan Edition JCMS is a popular content management system in China. A file upload vulnerability exists in Dahan Editon JCMS 2.4 LDAP module, data recovery function. The file /ldap/update/update.jsp does not have any restriction on the uploaded file types and contents. Allows an attacker to exploi...

7AI score
Exploits0
RedHat Linux
RedHat Linux
added 2013/09/04 6:46 p.m.12 views

httpd: multiple XSS flaws due to unescaped hostnames

Multiple cross-site scripting XSS vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the 1 modimagemap, 2 modinfo, 3 modldap, 4 modproxyftp, and 5...

4.3CVSS7.2AI score0.22913EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2013/07/03 4:18 p.m.4 views

httpd: multiple XSS flaws due to unescaped hostnames

Multiple cross-site scripting XSS vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the 1 modimagemap, 2 modinfo, 3 modldap, 4 modproxyftp, and 5...

4.3CVSS7.2AI score0.22913EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2013/07/03 3:43 p.m.5 views

httpd: multiple XSS flaws due to unescaped hostnames

Multiple cross-site scripting XSS vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the 1 modimagemap, 2 modinfo, 3 modldap, 4 modproxyftp, and 5...

4.3CVSS7.2AI score0.22913EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2013/07/03 3:38 p.m.4 views

httpd: multiple XSS flaws due to unescaped hostnames

Multiple cross-site scripting XSS vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the 1 modimagemap, 2 modinfo, 3 modldap, 4 modproxyftp, and 5...

4.3CVSS7.2AI score0.22913EPSS
Exploits2References4
OSV
OSV
added 2013/02/26 4:55 p.m.2 views

DEBIAN-CVE-2012-3499

Multiple cross-site scripting XSS vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the 1 modimagemap, 2 modinfo, 3 modldap, 4 modproxyftp, and 5...

4.3CVSS7.5AI score0.22913EPSS
Exploits2References1
The Hacker News
The Hacker News
added 2011/06/18 7:20 a.m.10 views

THC-HYDRA v6.4 - Fast network logon cracker

THC-HYDRA v6.4 - Fast network logon cracker THC-HYDRA is a very fast network logon cracker which support many different services. This tool is a proof of concept code, to give researchers and security consultants the possibility to show how easy it would be to gain unauthorized access from remote...

7.1AI score
Exploits0
OpenVAS
OpenVAS
added 2009/10/11 12:0 a.m.17 views

SLES11: Security update for YaST2 LDAP module

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: yast2-ldap-server More details may also be found by searching for the SuSE Enterprise Server 11 patch database located at...

7.5CVSS7.7AI score0.01787EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2009/10/11 12:0 a.m.22 views

SLES11: Security update for YaST2 LDAP module

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: yast2-ldap-server More details may also be found by searching for the SuSE Enterprise Server 11 patch database linked in the references...

7.5CVSS7.7AI score0.01787EPSS
Exploits0References3
NVD
NVD
added 2009/07/05 4:30 p.m.16 views

CVE-2009-1648

The YaST2 LDAP module in yast2-ldap-server on SUSE Linux Enterprise Server 11 aka SLE11 does not enable the firewall in certain circumstances involving reboots during online updates, which makes it easier for remote attackers to access network services...

7.5CVSS6.5AI score0.01787EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2008/09/03 12:0 a.m.14 views

eDirectory < 8.8 SP3 Multiple Vulnerabilities

Binary data 4641.prm...

10CVSS7.3AI score0.02123EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2008/05/22 12:0 a.m.24 views

RHEL 5 : nss_ldap (RHSA-2008:0389)

An updated nssldap package that fixes a security issue and several bugs is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The nssldap package contains the nssldap and pamldap modules. The nssldap module is a plug-in which allows...

4.3CVSS5.6AI score0.01164EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2008/05/01 12:0 a.m.18 views

Fedora 7 : dbmail-2.2.9-1.fc7 (2008-3371)

Fix possible authentication bypass in authldap authentication module when dbmail is used with LDAP servers allowing anonymous logins - CVE-2007-6714 443019. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has...

6.8CVSS5.5AI score0.02389EPSS
Exploits1References3
CVE
CVE
added 2007/10/18 10:0 a.m.39 views

CVE-2002-2265

CVE-2002-2265 affects Open Source Internet Solutions OSIS 5.4 on Tru64 UNIX 4.0G/4.0F, specifically the LDAP Module in System Authentication. The description states a vulnerability allowing remote attackers to gain access to arbitrary files or privileges via unknown attack vectors. No explicit ro...

6.4CVSS7.5AI score0.01218EPSS
Exploits0References3Affected Software1
F5 Networks
F5 Networks
added 2007/05/16 12:0 a.m.34 views

SOL5716 - Authentication bypass in PAM LDAP module - CAN-2005-2641

Vulnerability description: Vulnerability in pamldap before 180 does not properly handle a new password policy control, which could allow attackers to gain privileges. Information about this advisory is available at the following locations: US-CERT Vulnerability Note VU778916 pamldap authenticatio...

7.5CVSS0.7AI score0.03645EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/02/06 12:0 a.m.8 views

Communigate Pro < 5.0.8 LDAP Module BER Decoding DoS

Binary data 3415.prm...

7.5CVSS7.3AI score0.1028EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2006/01/28 12:0 a.m.15 views

Communigate Pro < 5.0.7 LDAP Module BER Decoding DoS

Binary data 3387.prm...

7.5CVSS7.3AI score0.1028EPSS
Exploits0References5
NVD
NVD
added 2002/12/31 5:0 a.m.11 views

CVE-2002-2265

Unspecified vulnerability in LDAP Module in System Authentication of Open Source Internet Solutions OSIS 5.4 running on Tru64 UNIX 4.0G and 4.0F allows remote attackers to gain access to arbitrary files or gain privileges via unknown attack vectors...

6.4CVSS7.1AI score0.01218EPSS
Exploits0References3
Rows per page
Query Builder