394 matches found
SUSE CVE-2020-12243
In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service daemon crash...
SUSE CVE-2020-36222
A flaw was discovered in OpenLDAP before 2.4.57 leading to an assertion failure in slapd in the saslAuthzTo validation, resulting in denial of service...
SUSE CVE-2020-36224
A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service...
SUSE CVE-2020-36223
A flaw was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Values Return Filter control handling, resulting in denial of service double free and out-of-bounds read...
SUSE CVE-2020-36225
A flaw was discovered in OpenLDAP before 2.4.57 leading to a double free and slapd crash in the saslAuthzTo processing, resulting in denial of service...
SUSE CVE-2020-36227
A flaw was discovered in OpenLDAP before 2.4.57 leading to an infinite loop in slapd with the cancelextop Cancel operation, resulting in denial of service...
SUSE CVE-2020-36229
A flaw was discovered in ldapX509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in adkeystring, resulting in denial of service...
SUSE CVE-2020-36228
An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting in denial of service...
SUSE CVE-2020-36230
A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c bernextelement, resulting in denial of service...
SUSE CVE-2022-0918
A vulnerability was discovered in the 389 Directory Server that allows an unauthenticated attacker with network access to the LDAP port to cause a denial of service. The denial of service is triggered by a single message sent over a TCP connection, no bind or other authentication is required. The...
389-ds-base: sending crafted message could result in DoS
A vulnerability was found in the 389 Directory Server that allows an unauthenticated attacker with network access to the LDAP port to cause a denial of service. The denial of service is triggered by a single message sent over a TCP connection. No bind or other authentication is required. This...
EulerOS Virtualization 2.9.1 : openldap (EulerOS-SA-2022-2358)
According to the versions of the openldap packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend...
EulerOS 2.0 SP10 : openldap (EulerOS-SA-2022-2166)
According to the versions of the openldap packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via ...
389-ds-base: sending crafted message could result in DoS
A vulnerability was found in the 389 Directory Server that allows an unauthenticated attacker with network access to the LDAP port to cause a denial of service. The denial of service is triggered by a single message sent over a TCP connection. No bind or other authentication is required. This...
EulerOS Virtualization 2.10.1 : openldap (EulerOS-SA-2022-2116)
According to the versions of the openldap packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend...
EulerOS 2.0 SP9 : openldap (EulerOS-SA-2022-1975)
According to the versions of the openldap packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via ...
Huawei EulerOS: Security Advisory for openldap (EulerOS-SA-2022-2005)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES15: libldap-2_4-2 / libldap-2_4-2-32bit / libldap-data / openldap2 / etc (SUSE-SU-2022:1832-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:1832-1 advisory. Security: - CVE-2022-29155: Fixed SQL injection in back-sql bsc1199240. Bugfixes: - allow specification of max/min TLS version with TLS1.3...
OESA-2022-1654 openldap security update
OpenLDAP is an open source suite of LDAP Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols for accessing directory services usually phone book style information, but other information is possible over the Internet, similar to the way DNS Domain...
SUSE SLES12 Security Update : openldap2 (SUSE-SU-2022:1685-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:1685-1 advisory. - CVE-2022-29155: Fixed SQL injection in back-sql bsc1199240. Tenable has extracted the preceding description block directly from the SUSE...