5 matches found
The vulnerability of the KB Search component of the Oracle Email Center messaging software in the Oracle E-Business Suite, a business automation system, allows a malicious individual to access, modify, add, or delete data, or to gain unauthorized access to protected information.
The vulnerability of the KB Search component of the Oracle Email Center messaging software within the Oracle E-Business Suite system relates to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or delete data, or to gain...
DEBIAN-CVE-2013-1897
The dosearch function in ldap/servers/slapd/search.c in 389 Directory Server 1.2.x before 1.2.11.20 and 1.3.x before 1.3.0.5 does not properly restrict access to entries when the nsslapd-allow-anonymous-access configuration is set to rootdse and the BASE search scope is used, which allows remote...
UBUNTU-CVE-2013-1897
The dosearch function in ldap/servers/slapd/search.c in 389 Directory Server 1.2.x before 1.2.11.20 and 1.3.x before 1.3.0.5 does not properly restrict access to entries when the nsslapd-allow-anonymous-access configuration is set to rootdse and the BASE search scope is used, which allows remote...
389-ds: unintended information exposure when rootdse is enabled
The dosearch function in ldap/servers/slapd/search.c in 389 Directory Server 1.2.x before 1.2.11.20 and 1.3.x before 1.3.0.5 does not properly restrict access to entries when the nsslapd-allow-anonymous-access configuration is set to rootdse and the BASE search scope is used, which allows remote...
LDAP NULL BASE Search Access
The remote LDAP server supports search requests with a NULL, or empty, base object. This allows information to be retrieved without any prior knowledge of the directory structure. Coupled with a NULL BIND, an anonymous user may be able to query your LDAP server using a tool such as 'LdapMiner'...