Lucene search
K

718 matches found

Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.10 views

Alibaba Cloud Linux 3 : 0006: libldb (ALINUX3-SA-2023:0006)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2023:0006 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-32746: A flaw was found in the Samba AD LD...

5.4CVSS7AI score0.01064EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2025/05/13 1:31 p.m.9 views

Moderate: Red Hat Security Advisory: 389-ds-base security update

An update for 389-ds-base is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

4.9CVSS5.8AI score0.00553EPSS
Exploits0References2
OSV
OSV
added 2025/05/13 12:0 a.m.10 views

ALSA-2025:7395 Moderate: 389-ds-base security update

389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server and command-line utilities for server administration. Security Fixes: 389-ds-base: null pointer dereference leads to denial of service CVE-2025-2487 F...

4.9CVSS7.1AI score0.00553EPSS
Exploits0References4
Rockylinux
Rockylinux
added 2025/05/07 7:13 p.m.5 views

sssd bug fix update

An update is available for sssd. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The System Security Services Daemon SSSD service provides a set of daemons to...

7.7AI score
Exploits0
AlmaLinux
AlmaLinux
added 2025/05/06 12:0 a.m.11 views

Moderate: 389-ds-base security update

389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server and command-line utilities for server administration. Security Fixes: 389-ds-base: null pointer dereference leads to denial of service CVE-2025-2487 F...

4.9CVSS6.8AI score0.00553EPSS
Exploits0References4
Metasploit
Metasploit
added 2025/05/01 6:50 p.m.482 views

LDAP Password Disclosure

This module will gather passwords and password hashes from a target LDAP server via multiple techniques including Windows LAPS. For best results, run with SSL because some attributes are only readable over encrypted connections. Module Options msf use auxiliary/gather/ldappasswords msf...

5.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/04/13 12:0 a.m.14 views

RHEL 9 : 389-ds-base (RHSA-2025:3663)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:3663 advisory. 389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server an...

4.9CVSS6AI score0.00553EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/04/13 12:0 a.m.17 views

RHEL 9 : redhat-ds:12 (RHSA-2025:3670)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:3670 advisory. Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol LDAP serve...

4.9CVSS6AI score0.00553EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/04/10 3:23 p.m.52 views

CVE-2024-32122

A storing passwords in a recoverable format in Fortinet FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions allows attacker to information disclosure via modification of LDAP server IP to point to a malicious server...

4.4CVSS6.1AI score0.00207EPSS
Exploits0References1
NVD
NVD
added 2025/04/08 2:15 p.m.18 views

CVE-2024-32122

A storing passwords in a recoverable format in Fortinet FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions allows attacker to information disclosure via modification of LDAP server IP to point to a malicious server...

4.4CVSS0.00207EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/04/08 2:2 p.m.9 views

CVE-2024-32122

A storing passwords in a recoverable format in Fortinet FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions allows attacker to information disclosure via modification of LDAP server IP to point to a malicious server...

2.3CVSS5.7AI score0.00207EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/08 2:2 p.m.16 views

CVE-2024-32122

A storing passwords in a recoverable format in Fortinet FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions allows attacker to information disclosure via modification of LDAP server IP to point to a malicious server...

2.3CVSS0.00207EPSS
Exploits0References1
CVE
CVE
added 2025/04/08 2:2 p.m.175 views

CVE-2024-32122

CVE-2024-32122 concerns Fortinet FortiOS where passwords are stored in a recoverable format. According to Fortinet PSIRT (FG-IR-24-111) and corroborating sources, an attacker can achieve information disclosure by modifying the LDAP server IP to point to a malicious server. Affected FortiOS versio...

4.4CVSS5.7AI score0.00207EPSS
Exploits0References2Affected Software1
RedHat Linux
RedHat Linux
added 2025/04/08 12:15 a.m.19 views

389-ds-base: null pointer dereference leads to denial of service

A flaw was found in the 389-ds-base LDAP Server. This issue occurs when issuing a Modify DN LDAP operation through the ldap protocol, when the function return value is not tested and a NULL pointer is dereferenced. If a privileged user performs a ldap MODDN operation after a failed operation, it...

4.9CVSS5.7AI score0.00553EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/04/08 12:0 a.m.6 views

PT-2025-15426 · Fortinet · Fortios

Name of the Vulnerable Software and Affected Versions: Fortinet FortiOS versions 7.2.0 through 7.2.1 Description: The issue allows an attacker to disclose information by modifying the LDAP server IP to point to a malicious server, due to passwords being stored in a recoverable format...

4.4CVSS5.8AI score0.00207EPSS
Exploits0References10
OSV
OSV
added 2025/04/03 12:55 p.m.3 views

OESA-2025-1374 three-eight-nine-ds-base security update

389-ds-base is an LDAPv3 compliant server which includes the LDAP server and command line utilities for server administration. Security Fixes: A flaw was found in the 389-ds-base LDAP Server. This issue occurs when issuing a Modify DN LDAP operation through the ldap protocol, when the function...

4.9CVSS6.7AI score0.00553EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/27 12:0 a.m.17 views

Amazon Linux 2 : 389-ds-base (ALAS-2025-2798)

The version of 389-ds-base installed on the remote host is prior to 1.3.10.2-17. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2798 advisory. A denial of service vulnerability was found in 389-ds-base ldap server. This issue may allow an authenticated user...

7.5CVSS6.5AI score0.01256EPSS
Exploits0References10
Amazon
Amazon
added 2025/03/25 12:0 a.m.5 views

Medium: 389-ds-base

Issue Overview: A denial of service vulnerability was found in 389-ds-base ldap server. This issue may allow an authenticated user to cause a server crash while modifying userPassword using malformed input. CVE-2024-2199 A flaw was found in 389-ds-base. A specially-crafted LDAP query can...

7.5CVSS6.6AI score0.01256EPSS
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2025/03/21 7:6 p.m.15 views

Metasploit Wrap-Up 03/21/2025

SMB to LDAP Relay This week, the Metasploit team have added an exciting relay module that has been in the works for a long time. This relay module is used to host an SMB server, and execute an SMB to LDAP relay attack against a Domain controller with an LDAP server when NTLMv1 is being used as th...

7.8CVSS8.9AI score0.02551EPSS
Exploits2
SUSE CVE
SUSE CVE
added 2025/03/19 2:51 a.m.2 views

SUSE CVE-2025-2487

A flaw was found in the 389-ds-base LDAP Server. This issue occurs when issuing a Modify DN LDAP operation through the ldap protocol, when the function return value is not tested and a NULL pointer is dereferenced. If a privileged user performs a ldap MODDN operation after a failed operation, it...

7.5CVSS6.5AI score0.00553EPSS
Exploits0References6
Rows per page
Query Builder