Lucene search
K

39 matches found

Positive Technologies
Positive Technologies
added 2021/07/24 12:0 a.m.20 views

PT-2021-3958 · Apache · Apache Directory Studio

Name of the Vulnerable Software and Affected Versions: Apache Directory Studio versions prior to 2.0.0.v20210213-M16 Description: The issue is related to the absence of protection for service data. An attacker could exploit this to disclose protected information. The problem arises when configure...

7.8CVSS7.4AI score0.00793EPSS
Exploits0References11
NVD
NVD
added 2018/07/10 1:29 p.m.19 views

CVE-2018-1337

In Apache Directory LDAP API before 1.0.2, a bug in the way the SSL Filter was setup made it possible for another thread to use the connection before the TLS layer has been established, if the connection has already been used and put back in a pool of connections, leading to leaking any informati...

9.8CVSS9.4AI score0.0531EPSS
Exploits0References8
Prion
Prion
added 2018/07/10 1:29 p.m.11 views

Server side request forgery (ssrf)

In Apache Directory LDAP API before 1.0.2, a bug in the way the SSL Filter was setup made it possible for another thread to use the connection before the TLS layer has been established, if the connection has already been used and put back in a pool of connections, leading to leaking any informati...

5CVSS9.3AI score0.0531EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2018/07/10 1:29 p.m.13 views

DEBIAN-CVE-2018-1337

In Apache Directory LDAP API before 1.0.2, a bug in the way the SSL Filter was setup made it possible for another thread to use the connection before the TLS layer has been established, if the connection has already been used and put back in a pool of connections, leading to leaking any informati...

9.8CVSS5.7AI score0.0531EPSS
Exploits0References1
CVE
CVE
added 2018/07/10 1:0 p.m.82 views

CVE-2018-1337

CVE-2018-1337 affects Apache Directory LDAP API prior to 1.0.2. Root cause: a flaw in the SSL Filter setup allows a thread to reuse a connection before TLS is established, potentially leaking data from a request (including credentials from BIND) when a connection is pulled from the pool. Impact: ...

9.8CVSS9.2AI score0.0531EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2018/07/10 1:0 p.m.21 views

CVE-2018-1337

In Apache Directory LDAP API before 1.0.2, a bug in the way the SSL Filter was setup made it possible for another thread to use the connection before the TLS layer has been established, if the connection has already been used and put back in a pool of connections, leading to leaking any informati...

9.4AI score0.0531EPSS
Exploits0References8
CNVD
CNVD
added 2017/10/04 12:0 a.m.5 views

Apache Directory LDAP API CVE Information Disclosure Vulnerability

The Apache Directory LDAP API is a set of APIs for connecting to any LDAP server. An information disclosure vulnerability exists in the Apache Directory LDAP API, which allows remote attackers to exploit the vulnerability by submitting a specially crafted request to obtain sensitive information...

7.5CVSS7.1AI score0.05071EPSS
Exploits0References1
OSV
OSV
added 2017/09/07 1:29 p.m.3 views

UBUNTU-CVE-2015-3250

Apache Directory LDAP API before 1.0.0-M31 allows attackers to conduct timing attacks via unspecified vectors...

7.5CVSS7.1AI score0.05071EPSS
Exploits0References3
OSV
OSV
added 2017/09/07 1:29 p.m.4 views

CVE-2015-3250

Apache Directory LDAP API before 1.0.0-M31 allows attackers to conduct timing attacks via unspecified vectors...

7.5CVSS7.4AI score
Exploits0References7
NVD
NVD
added 2017/09/07 1:29 p.m.12 views

CVE-2015-3250

Apache Directory LDAP API before 1.0.0-M31 allows attackers to conduct timing attacks via unspecified vectors...

7.5CVSS7.4AI score0.05071EPSS
Exploits0References4
Cvelist
Cvelist
added 2017/09/07 1:0 p.m.17 views

CVE-2015-3250

Apache Directory LDAP API before 1.0.0-M31 allows attackers to conduct timing attacks via unspecified vectors...

7.4AI score0.05071EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2017/09/07 1:0 p.m.21 views

CVE-2015-3250

Apache Directory LDAP API before 1.0.0-M31 allows attackers to conduct timing attacks via unspecified vectors...

7.5CVSS7.3AI score0.05071EPSS
Exploits0
Prion
Prion
added 2016/04/11 9:59 p.m.14 views

Design/Logic Flaw

The CSV export in Apache LDAP Studio and Apache Directory Studio before 2.0.0-M10 does not properly escape field values, which might allow attackers to execute arbitrary commands by leveraging a crafted LDAP entry that is interpreted as a formula when imported into a spreadsheet...

9.3CVSS7.9AI score0.02109EPSS
Exploits0References3Affected Software2
Cvelist
Cvelist
added 2016/04/11 9:0 p.m.29 views

CVE-2015-5349

The CSV export in Apache LDAP Studio and Apache Directory Studio before 2.0.0-M10 does not properly escape field values, which might allow attackers to execute arbitrary commands by leveraging a crafted LDAP entry that is interpreted as a formula when imported into a spreadsheet...

7.9AI score0.02109EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2016/04/11 9:0 p.m.31 views

CVE-2015-5349

The CSV export in Apache LDAP Studio and Apache Directory Studio before 2.0.0-M10 does not properly escape field values, which might allow attackers to execute arbitrary commands by leveraging a crafted LDAP entry that is interpreted as a formula when imported into a spreadsheet...

9.3CVSS7.9AI score0.02109EPSS
Exploits0
CNVD
CNVD
added 2016/01/16 12:0 a.m.27 views

Apache Directory Studio Command Injection Vulnerability

Apache Directory Studio is a suite of LDAP tool platforms for connecting to, managing and developing any LDAP server. Apache Directory Studio fails to adequately filter user-submitted input, allowing remote attackers to exploit the vulnerability by submitting special requests to execute arbitrary...

9.3CVSS7.6AI score0.02109EPSS
Exploits0References1
exploitpack
exploitpack
added 2009/12/30 12:0 a.m.26 views

Joomla! Component com_intuit - Apache Directory listing Download

Joomla! Component comintuit - Apache Directory listing Download ======================================================================================== | Title : Joomla.Tutorials GHDB: Apache directory listing Download Vulnerability | | Author : indoushka | | email : [email protected] | | Ho...

0.5AI score
Exploits0
Exploit DB
Exploit DB
added 2009/12/30 12:0 a.m.54 views

Joomla! Component com_intuit - Apache Directory listing Download

======================================================================================== | Title : Joomla.Tutorials GHDB: Apache directory listing Download Vulnerability | | Author : indoushka | | email : [email protected] | | Home : Souk Naamane - 04325 - Oum El Bouaghi - Algeria...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2001/06/13 12:0 a.m.46 views

Проблемы с защитой директорий в Apache под MacOS (case insensitive filesystem)

При использовании файловой системы с наименованием файлов не чуствительным к реестру можно обойти защиту каталогов...

0.9AI score
Exploits0References1Affected Software1
Rows per page
Query Builder