CVE-2026-11789

A flaw was found in 389 Directory Server. The SMD5 password storage plugin performs unsigned integer underflow when computing salt length from a crafted password hash shorter than 16 bytes, causing a buffer over-read that crashes the LDAP server during authentication...

Linux Distros Unpatched Vulnerability : CVE-2026-11789

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in 389 Directory Server. The SMD5 password storage plugin performs unsigned integer underflow when computing salt length from a crafted passwor...

EUVD-2005-2378

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2021-20277

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash of t...

UBUNTU-CVE-2024-8445

The fix for CVE-2024-2199 in 389-ds-base was insufficient to cover all scenarios. In certain product versions, an authenticated user may cause a server crash while modifying userPassword using malformed input...

Updated ldb/samba/sssd packages fix security vulnerability

Fixed AD restrictions bypass associated with changing passwords bsc1201495. CVE-2022-2031 Fixed a memory leak in SMB1 bsc1201496. CVE-2022-32742 Fixed an arbitrary password change request for any AD user bsc1201493. CVE-2022-32744 Fixed a remote server crash with an LDAP add or modify request...

EUVD-2021-7711

A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request. The highest threat from this vulnerability is to system availability...

USN-4888-2: ldb vulnerabilities

USN-4888-1 fixed several vulnerabilities in ldb. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Douglas Bagnall discovered that ldb, when used with Samba, incorrectly handled certain LDAP attributes. A remote attacker could possibly use this issue t...

Security fix for the ALT Linux 10 package samba version 4.10.5-alt1

July 31, 2019 Evgeny Sinelnikov 4.10.5-alt1 - Update to latest security release - Security fixes: + CVE-2019-12435 Samba AD DC Denial of Service in DNS management server dnsserver + CVE-2019-12436 Samba AD DC LDAP server crash paged searches...

EulerOS Virtualization 2.5.0 : curl (EulerOS-SA-2018-1330)

According to the versions of the curl package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - It was found that libcurl did not safely parse FTP URLs when using the CURLOPTFTPFILEMETHOD method. An attacker, able to provide a...

CVE-2018-10935

A flaw was found in the 389 Directory Server that allows users to cause a crash in the LDAP server using ldapsearch with server side sort...

CVE-2018-10935

A flaw was found in the 389 Directory Server that allows users to cause a crash in the LDAP server using ldapsearch with server side sort...

CVE-2018-10935

A flaw was found in the 389 Directory Server that allows users to cause a crash in the LDAP server using ldapsearch with server side sort...

MGASA-2018-0222 Updated php packages fix security vulnerabilities

Heap Buffer Overflow READ: 1786 in exifiifaddvalue CVE-2018-10549 - Stream filter convert.iconv leads to infinite loop on invalid sequence CVE-2018-10546 - Malicious LDAP-Server Response causes Crash. CVE-2018-10548 - incomplete PHAR Fix CVE-2018-10547...

USN-3307-1 openldap vulnerability

Karsten Heymann discovered that OpenLDAP incorrectly handled certain search requests. A remote attacker could use this issue to cause slapd to crash, resulting in a denial of service...

DEBIAN-CVE-2013-4449

The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not properly count references, which allows remote attackers to cause a denial of service slapd crash by unbinding immediately after a search request, which triggers rwmconndestroy to free the session context while it is being used by...