Lucene search
K

394 matches found

Tenable Nessus
Tenable Nessus
added 2007/11/09 12:0 a.m.27 views

Mandrake Linux Security Advisory : openldap (MDKSA-2007:215)

A flaw in the way OpenLDAP's slapd daemon handled malformed objectClasses LDAP attributes was discovered. A local or remote attacker could create an LDAP request that could cause a denial of service by crashing slapd. Updated packages have been patched to prevent this issue. %NASLMINLEVEL 70300 C...

7.1CVSS5.3AI score0.03653EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2007/11/08 4:54 p.m.7 views

openldap slapd DoS via objectClasses attribute

OpenLDAP before 2.3.39 allows remote attackers to cause a denial of service slapd crash via an LDAP request with a malformed objectClasses attribute. NOTE: this has been reported as a double free, but the reports are inconsistent...

7.1CVSS5.8AI score0.03653EPSS
Exploits0References4
NVD
NVD
added 2007/10/30 7:46 p.m.16 views

CVE-2007-5708

slapo-pcache overlays/pcache.c in slapd in OpenLDAP before 2.3.39, when running as a proxy-caching server, allocates memory using a malloc variant instead of calloc, which prevents an array from being initialized properly and might allow attackers to cause a denial of service segmentation fault v...

7.1CVSS6.2AI score0.02618EPSS
Exploits0References17
NVD
NVD
added 2007/06/14 11:30 p.m.21 views

CVE-2007-3224

Unspecified vulnerability in Sun ONE/Java System Directory Server slapd 6.0, and 5.x before 5.2 Patch 5, allows remote attackers to determine the existence of attributes of an entry via unspecified vectors...

5CVSS6.6AI score0.02238EPSS
Exploits0References7
CVE
CVE
added 2007/06/14 11:0 p.m.55 views

CVE-2007-3225

Sun Java System Directory Server (slapd) 6.0 and 5.2 with Patch 3 or 4 are affected by CVE-2007-3225. The vulnerability allows remote attackers to modify certain data via unknown vectors. The available documents do not specify the exact component/function/file/root cause, nor provide a confirmed ...

6.4CVSS6.6AI score0.02221EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2007/06/14 11:0 p.m.67 views

CVE-2007-3224

CVE-2007-3224 refers to an information-disclosure vulnerability in Sun Java System Directory Server (slapd) affecting versions 6.0 and 5.x before 5.2 Patch 5. The issue allows remote attackers to determine the existence of attributes of an entry via unspecified vectors. Connected sources (includi...

5CVSS6.6AI score0.02238EPSS
Exploits0References7Affected Software2
RedHat Linux
RedHat Linux
added 2007/06/07 10:30 p.m.9 views

security flaw

slapd in OpenLDAP before 2.3.25 allows remote authenticated users with selfwrite Access Control List ACL privileges to modify arbitrary Distinguished Names DN...

2.3CVSS5.9AI score0.02658EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2007/05/01 2:10 p.m.4 views

security flaw

slapd in OpenLDAP before 2.3.25 allows remote authenticated users with selfwrite Access Control List ACL privileges to modify arbitrary Distinguished Names DN...

2.3CVSS5.9AI score0.02658EPSS
Exploits0References4
CVE
CVE
added 2007/03/26 11:0 p.m.50 views

CVE-2006-4175

The CVE-2006-4175 issue affects Sun Java System Directory Server and ONE Directory Server (ns-slapd) versions 5.2 Patch4 and earlier, and 5.1/5.2 for ONE. Affected component: LDAP server; root cause: malformed BER queries in the BER decoding/cleanup path lead to a free of uninitialized memory. Im...

7.8CVSS6.7AI score0.03432EPSS
Exploits0References8Affected Software2
securityvulns
securityvulns
added 2006/06/30 12:0 a.m.49 views

Apple OpenDirectory DoS

slapd assert on malformed bind request...

1.8AI score
Exploits0References1Affected Software1
CVE
CVE
added 2005/11/16 7:37 a.m.56 views

CVE-2005-3567

The CVE-2005-3567 entry concerns the slapd daemon in IBM Tivoli Directory Server (ITDS) versions 5.2.0 and 6.0.0. It describes a vulnerability where binds using SASL EXTERNAL can bypass authentication, enabling an attacker to modify and delete directory data via unspecified attack vectors. The co...

5.8CVSS7AI score0.00925EPSS
Exploits0References12Affected Software1
CVE
CVE
added 2003/02/11 5:0 a.m.56 views

CVE-2002-1508

CVE-2002-1508 affects OpenLDAP2 (OpenLDAP 2) where the slapd service on version 2.2.0 and earlier is vulnerable to a race condition that can allow a local user to overwrite arbitrary files during the creation of a log file for rejected replication requests. The vulnerability is rooted in how the ...

1.2CVSS6.2AI score0.00336EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2002/06/25 4:0 a.m.73 views

CVE-2001-0977

CVE-2001-0977 affects slapd in OpenLDAP, where OpenLDAP 1.x prior to 1.2.12 and 2.x prior to 2.0.8 are vulnerable. The issue is triggered by receiving LDAP BER length fields with invalid lengths, allowing remote attackers to cause a denial-of-service crash. Public advisories describe this as a re...

5CVSS6.5AI score0.04093EPSS
Exploits0References9Affected Software2
CVE
CVE
added 2002/06/25 4:0 a.m.88 views

CVE-2002-0045

The CVE affects OpenLDAP slapd prior to 2.0.20 (OpenLDAP 2.0.0–2.0.19; anonymous before 2.0.8) where a faulty ACL check allows a local/anonymous user to perform a replace operation with an empty value list. This bypasses access controls and can delete non-mandatory attributes that ACLs would norm...

7.5CVSS6.3AI score0.02222EPSS
Exploits0References9Affected Software1
Rows per page
Query Builder