
2399 matches found

CERT
added 2001/07/17 12:0 a.m. · 34 views

Multiple versions of OpenLDAP are vulnerable to denial-of-service attacks

Overview Multiple versions of OpenLDAP contain vulnerabilities that may allow denial-of-service attacks. These vulnerabilities were revealed using the PROTOS LDAPv3 test suite and are documented in CERT Advisory CA-2001-18. If your site uses this product, the CERT/CC encourages you to follow the...

CVSS 5 · AI score 6.6 · EPSS 0.04093
Exploits 0 · References 4
NVD
added 2001/07/16 4:0 a.m. · 23 views

CVE-2001-0977

slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remote attackers to cause a denial of service crash via an invalid Basic Encoding Rules BER length field...

CVSS 5 · AI score 6.5 · EPSS 0.04093
Exploits 0 · References 9
NVD
added 2000/10/20 4:0 a.m. · 13 views

CVE-2000-0748

OpenLDAP 1.2.11 and earlier improperly installs the ud binary with group write permissions, which could allow any user in that group to replace the binary with a Trojan horse...

CVSS 4.6 · AI score 6.5 · EPSS 0.00353
Exploits 0 · References 2
NVD
added 2000/10/20 4:0 a.m. · 12 views

CVE-2000-0747

The logrotate script for OpenLDAP before 1.2.11 in Conectiva Linux sends an improper signal to the kernel log daemon klogd and kills it...

CVSS 10 · AI score 6.5 · EPSS 0.01725
Exploits 0 · References 2
CVE
added 2000/09/21 4:0 a.m. · 47 views

CVE-2000-0748

OpenLDAP 1.2.11 and earlier is affected by CVE-2000-0748 due to the ud binary being installed with group write permissions. This allows any user in the affected group to replace the ud binary with a Trojan horse, enabling potential tampering of LDAP operations. The CVSS v2 metrics indicate LOCAL ...

CVSS 4.6 · AI score 6.9 · EPSS 0.00353
Exploits 0 · References 2 · Affected Software 1
Cvelist
added 2000/09/21 4:0 a.m. · 19 views

CVE-2000-0748

OpenLDAP 1.2.11 and earlier improperly installs the ud binary with group write permissions, which could allow any user in that group to replace the binary with a Trojan horse...

AI score 6.5 · EPSS 0.00353
Exploits 0 · References 2
securityvulns
added 2000/09/08 12:0 a.m. · 55 views

Linux news 8.09.00

Linux Kernel 2.4.0 test8 pre6 The sixth pre-release of the eighth test kernel, Linux Kernel 2.4.0, has been released. More: http://linuxtoday.com/newsstory.php3?ltsn=2000-09-06-002-04-NW-KN Linux 2.0.39pre8 David Weinehall has released the next pre-version of the new kernel from the old stable Linux series: 2.0.39pre8...

AI score 7.5
Exploits 0
securityvulns
added 2000/09/05 12:0 a.m. · 122 views

Linux news 5.09.00

Linux 2.2.17 A new kernel from the stable series, 2.2.17, has been released. More: http://www.linux.org.uk/VERSION/relnotes.2217.html Linux 2.2.18pre3 Alan Cox has released the 1st pre-version of the "after-next" stable Linux kernel, 2.2.18. Work on the next stable Linux kernel, 2.2.17, ended at pre20,...

AI score 7.7
Exploits 0
securityvulns
added 2000/07/27 12:0 a.m. · 23 views

Problems with OpenLDAP

executables are installed with permissions that allow group write access...

AI score 0.3
Exploits 0 · References 1 · Affected Software 1
securityvulns
added 2000/07/27 12:0 a.m. · 32 views

Group-writable executable in OpenLDAP

OpenLDAP installs the ud binary in $binpath with mode 775 and default group, i.e. either your primary gid or the directory's gid. Of course the consequences depend on which group this actually is. This was checked with 1.2.11 latest stable, but probably also exists in earlier versions, since the...

AI score 2.3
Exploits 0
CVE
added 2000/07/12 4:0 a.m. · 81 views

CVE-2000-0336

Summary: CVE-2000-0336 affects the OpenLDAP server, where local users can modify arbitrary files via a symlink attack. The root cause described in connected Nessus/Mandrake entries is that OpenLDAP follows symbolic links when creating files, using a default location like /usr/tmp (symlinked to /t...

CVSS 2.1 · AI score 6.4 · EPSS 0.00904
Exploits 0 · References 4 · Affected Software 1
Cvelist
added 2000/07/12 4:0 a.m. · 20 views

CVE-2000-0336

Linux OpenLDAP server allows local users to modify arbitrary files via a symlink attack...

AI score 6.3 · EPSS 0.00904
Exploits 0 · References 4
securityvulns
added 2000/04/22 12:0 a.m. · 34 views

Security Advisory

Red Hat, Inc. Security Advisory Synopsis: New openldap packages. Advisory ID: RHSA-2000:012-05 Issue date: 2000-04-13 Updated on: 2000-04-21 Product: Red Hat Linux Keywords: openldap startup symlink overwrite denial Cross...

AI score 6.9
Exploits 0
NVD
added 2000/04/21 4:0 a.m. · 17 views

CVE-2000-0336

Linux OpenLDAP server allows local users to modify arbitrary files via a symlink attack...

CVSS 2.1 · AI score 6.3 · EPSS 0.00904
Exploits 0 · References 4
Exploit DB
added 2000/04/21 12:0 a.m. · 25 views

OpenLDAP 1.2.7/1.2.8/1.2.9/1.2.10 - '/usr/tmp/' Symlink

source: https://www.securityfocus.com/bid/1232/info A vulnerability exists in OpenLDAP as shipped with some versions of Linux, including RedHat 6.1 and 6.2, and TurboLinux 6.0.2 and earlier. OpenLDAP will create files in /usr/tmp, which is actually a symbolic link to the world writable /tmp...

AI score 7.4
Exploits 0
exploitpack
added 2000/04/21 12:0 a.m. · 9 views

OpenLDAP 1.2.71.2.81.2.91.2.10 - usrtmp Symlink

OpenLDAP 1.2.71.2.81.2.91.2.10 - usrtmp Symlink source: https://www.securityfocus.com/bid/1232/info A vulnerability exists in OpenLDAP as shipped with some versions of Linux, including RedHat 6.1 and 6.2, and TurboLinux 6.0.2 and earlier. OpenLDAP will create files in /usr/tmp, which is actually ...

AI score 7.4
Exploits 0
Duo Security Advisories
added 1976/01/01 12:0 a.m. · 17 views

DUO-PSA-2020-002: Duo Product Security Advisory

Duo Product Security Advisory Advisory ID: DUO-PSA-2020-002 Publication Date: 2020-04-28 Revision Date: 2020-04-28 Status: Confirmed, Fixed Document Revision: 1 Overview Duo Engineering has identified and fixed an issue with directory sync for on-premises Microsoft Active Directory, OpenLDAP, and...

AI score 6.7
Exploits 0
Positive Technologies
added 1970/01/01 12:0 a.m. · 5 views

PT-2010-5625 · Openldap +1 · Libldap +3

Name of the Vulnerable Software and Affected Versions: openldap versions 2.2.13 through 2.4.22 openldap versions prior to 2.4.35 openldap-clients-2.2.13 openldap-servers-2.2.13 openldap-servers-sql-2.2.13 openldap-devel-2.2.13 compat-openldap-2.1.30 libldap-2.4-2 libldap-2.4-2-dbg libldap2-dev...

CVSS 9.8 · AI score 10 · EPSS 0.29238
Exploits 3 · References 53
Positive Technologies
added 1970/01/01 12:0 a.m. · 2 views

PT-2006-7589 · Openldap · Openldap

Name of the Vulnerable Software and Affected Versions: OpenLDAP versions prior to 2.3.29 Description: The issue allows remote attackers to cause a denial of service, resulting in a daemon crash, via LDAP BIND requests with long authcid names. This triggers an assertion failure, leading to a...

CVSS 7.5 · AI score 7.4 · EPSS 0.75373
Exploits 1 · References 35