Lucene search
K

394 matches found

RedHat Linux
RedHat Linux
added 2022/05/11 4:31 p.m.6 views

389-ds-base: sending crafted message could result in DoS

A vulnerability was found in the 389 Directory Server that allows an unauthenticated attacker with network access to the LDAP port to cause a denial of service. The denial of service is triggered by a single message sent over a TCP connection. No bind or other authentication is required. This...

7.5CVSS5.8AI score0.05914EPSS
Exploits1References4
OSV
OSV
added 2022/05/04 8:15 p.m.26 views

CVE-2022-29155

In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement within an LDAP query. This can occur during an LDAP search operation when the search filter is processed, due to a lack of proper escaping...

9.8CVSS2.3AI score
Exploits0References4
UbuntuCve
UbuntuCve
added 2022/05/04 8:15 p.m.45 views

CVE-2022-29155

In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement within an LDAP query. This can occur during an LDAP search operation when the search filter is processed, due to a lack of proper escaping...

9.8CVSS7.2AI score0.69899EPSS
Exploits1References3
OSV
OSV
added 2022/03/16 3:15 p.m.2 views

DEBIAN-CVE-2022-0918

A vulnerability was discovered in the 389 Directory Server that allows an unauthenticated attacker with network access to the LDAP port to cause a denial of service. The denial of service is triggered by a single message sent over a TCP connection, no bind or other authentication is required. The...

7.5CVSS7.1AI score0.05914EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2022/03/16 3:15 p.m.52 views

CVE-2022-0918

A vulnerability was discovered in the 389 Directory Server that allows an unauthenticated attacker with network access to the LDAP port to cause a denial of service. The denial of service is triggered by a single message sent over a TCP connection, no bind or other authentication is required. The...

7.5CVSS6.7AI score0.05914EPSS
Exploits1References3
OSV
OSV
added 2022/03/16 3:15 p.m.1 views

UBUNTU-CVE-2022-0918

A vulnerability was discovered in the 389 Directory Server that allows an unauthenticated attacker with network access to the LDAP port to cause a denial of service. The denial of service is triggered by a single message sent over a TCP connection, no bind or other authentication is required. The...

7.5CVSS5.8AI score0.05914EPSS
Exploits1References4
CNNVD
CNNVD
added 2022/03/16 12:0 a.m.2 views

Red Hat 389 Directory Server 安全漏洞

Red Hat 389 Directory Server formerly known as Fedora Directory Server is an enterprise-class Linux directory server from Red Hat. The server fully supports the LDAPv3 specification and features scalability and multi-master replication. A security vulnerability exists in Red Hat 389 Directory...

7.5CVSS6.8AI score0.05914EPSS
Exploits1References25
Positive Technologies
Positive Technologies
added 2022/03/16 12:0 a.m.4 views

PT-2022-6594 · Red Hat +5 · 389 Directory Server +6

Name of the Vulnerable Software and Affected Versions: 389 Directory Server affected versions not specified Description: A vulnerability was discovered in the 389 Directory Server that allows an unauthenticated attacker with network access to the LDAP port to cause a denial of service. The denial...

7.8CVSS6.4AI score0.08426EPSS
Exploits4References119
RedHat Linux
RedHat Linux
added 2022/02/22 5:11 p.m.2 views

openldap: assertion failure in Certificate List syntax validation

A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP’s slapd server, to trigger an assertion failure. The highest threat from this vulnerability is to system availability...

7.5CVSS7.2AI score0.02858EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2022/01/17 12:0 a.m.6 views

The vulnerability of the slapd server in the LDAP protocol OpenLDAP implementation, related to the lack of use of the assert() function, allows a attacker to cause a service failure.

The vulnerability of the slapd server in the LDAP OpenLDAP implementation is related to the insufficient use of the assert function. Exploiting this vulnerability allows a malicious actor to cause service failures using a malicious package...

7.5CVSS7.2AI score0.02858EPSS
Exploits0References10Affected Software5
BDU FSTEC
BDU FSTEC
added 2021/12/28 12:0 a.m.6 views

The vulnerability of the open implementation of the OpenLDAP protocol, related to the possibility of successful assertion during syntax analysis, allows a perpetrator to perform a denial-of-service attack.

The vulnerability of the open implementation of the OpenLDAP protocol lies in the difficulty of verifying syntax analysis. Exploiting this vulnerability allows a malicious actor to perform a denial-of-service attack by sending a specially crafted request to slapd...

7.8CVSS6.8AI score0.1229EPSS
Exploits0References12Affected Software7
BDU FSTEC
BDU FSTEC
added 2021/12/28 12:0 a.m.5 views

The vulnerability of the open implementation of the OpenLDAP protocol, related to access to resources using incompatible types, allows a perpetrator to perform a denial-of-service attack.

The vulnerability of the open implementation of the OpenLDAP protocol lies in the access to resources using incompatible types. Exploiting this vulnerability allows a malicious actor to perform a denial-of-service attack by sending a specially crafted request to slapd...

7.8CVSS6.8AI score0.043EPSS
Exploits0References13Affected Software7
BDU FSTEC
BDU FSTEC
added 2021/12/28 12:0 a.m.4 views

The vulnerability of the open implementation of the OpenLDAP protocol, related to the assertion that the accessibility is met, allows a violator to perform a denial-of-service attack.

The vulnerability of the open implementation of the OpenLDAP protocol is related to the assertion that it is achievable. Exploiting this vulnerability allows a malicious actor to perform a service denial by sending a specially crafted package with a short timestamp to slapd...

7.8CVSS7.1AI score0.64147EPSS
Exploits1References11Affected Software7
BDU FSTEC
BDU FSTEC
added 2021/12/28 12:0 a.m.5 views

The vulnerability of the open implementation of the OpenLDAP protocol, related to resource management errors, allows a hacker to perform a denial-of-service attack.

The vulnerability of the open implementation of the OpenLDAP protocol is related to a resource management error. Exploiting this vulnerability allows a malicious actor to perform a denial-of-service attack by sending a specially crafted request to slapd...

7.8CVSS6.8AI score0.043EPSS
Exploits0References15Affected Software7
BDU FSTEC
BDU FSTEC
added 2021/12/28 12:0 a.m.3 views

The vulnerability of the open implementation of the OpenLDAP protocol, related to a countable loss of significance, allows a violator to perform a denial-of-service attack.

The vulnerability of the open implementation of the OpenLDAP protocol is related to a numerical exhaustion during the processing of a precise approval request for the list of certificates. Exploiting this vulnerability allows a malicious actor to perform a denial-of-service attack by sending a...

7.8CVSS6.8AI score0.83381EPSS
Exploits0References12Affected Software7
BDU FSTEC
BDU FSTEC
added 2021/12/28 12:0 a.m.4 views

The vulnerability of the OpenLDAP protocol, related to the reallocation of memory, allows a hacker to perform a denial-of-service attack.

The vulnerability of the OpenLDAP protocol is related to the reclamation of memory. Exploiting this vulnerability allows a malicious actor to perform a service denial by sending a specially crafted request to slapd...

7.8CVSS6.9AI score0.043EPSS
Exploits0References16Affected Software7
OpenVAS
OpenVAS
added 2021/11/02 12:0 a.m.19 views

OpenLDAP < 2.4.40 DoS Vulnerability

OpenLDAP is prone to a denial of service DoS vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

4.3CVSS9.2AI score0.10913EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2021/10/27 12:0 a.m.21 views

OpenLDAP < 2.4.57 Multiple DoS Vulnerabilities

OpenLDAP is prone to multiple denial of service DoS vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

7.5CVSS7.8AI score0.84224EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2021/07/01 12:0 a.m.32 views

EulerOS Virtualization 3.0.6.6 : openldap (EulerOS-SA-2021-2029)

According to the versions of the openldap packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c...

7.5CVSS7AI score0.84224EPSS
Exploits1References12
Tenable Nessus
Tenable Nessus
added 2021/06/30 12:0 a.m.27 views

EulerOS Virtualization for ARM 64 3.0.6.0 : openldap (EulerOS-SA-2021-2004)

According to the versions of the openldap packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the...

7.5CVSS7AI score0.84224EPSS
Exploits1References12
Rows per page
Query Builder