16 matches found
MiracleLinux 3 : openldap-2.3.43-12.0.1.AXS3 (AXSA:2010-168:01)
The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2010-168:01 advisory. OpenLDAP is an open source suite of LDAP Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols for accessing...
Linux Distros Unpatched Vulnerability : CVE-2009-3767
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libraries/libldap/tlso.c in OpenLDAP 2.2 and 2.4, and possibly other versions, when OpenSSL is used, does not properly handle a '\0' character in a domain name ...
CVE-2009-3767 affecting package openssl 1.1.1g-6
CVE-2009-3767 affecting package openssl 1.1.1g-6. An upgraded version of the package is available that resolves this issue...
CVE-2009-3767 affecting package openldap 2.4.50-1
CVE-2009-3767 affecting package openldap 2.4.50-1. An upgraded version of the package is available that resolves this issue...
RHEL 5 : rhev-hypervisor (RHSA-2010:0476)
An updated rhev-hypervisor package that fixes two security issues, multiple bugs, and adds enhancements is now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severit...
Oracle Linux 4 : openldap (ELSA-2010-0543)
From Red Hat Security Advisory 2010:0543 : Updated openldap packages that fix two security issues are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores,...
VMSA-2010-0015 : VMware ESX third-party updates for Service Console
a. Service Console update for NSSdb The service console package NSSdb is updated to version nssdb-2.2-35.4.el55. The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the name CVE-2010-0826 to this issue. b. Service Console update for OpenLDAP The service console package...
RedHat Update for openldap RHSA-2010:0543-01
Check for the Version of openldap OpenVAS Vulnerability Test RedHat Update for openldap RHSA-2010:0543-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
CentOS 4 : openldap (CESA-2010:0543)
Updated openldap packages that fix two security issues are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
Fedora 11 : openldap-2.4.15-7.fc11 (2010-0752)
Fixed security issue CVE-2009-3767, F12 and 13 already contain the fix, since it has been fixed in openldap-2.4.18 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format i...
Fedora Update for openldap FEDORA-2010-0752
The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
[SECURITY] [DSA 1943-1] New openldap2.3/openldap packages fix SSL certificate verification weakness
------------------------------------------------------------------------ Debian Security Advisory DSA-1943 [email protected] http://www.debian.org/security/ Giuseppe Iuculano December 02, 2009 http://www.debian.org/security/faq -...
Ubuntu USN-858-1 (openldap2.2)
The remote host is missing an update to openldap2.2 announced via advisory USN-858-1. OpenVAS Vulnerability Test $Id: ubuntu8581.nasl 7969 2017-12-01 09:23:16Z santu $ $Id: ubuntu8581.nasl 7969 2017-12-01 09:23:16Z santu $ Description: Auto-generated from advisory USN-858-1 openldap2.2 Authors:...
Ubuntu 6.06 LTS : openldap2.2 vulnerability (USN-858-1)
It was discovered that OpenLDAP did not correctly handle SSL certificates with zero bytes in the Common Name. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. Note that Tenable Network Security has extracte...
CVE-2009-3767
libraries/libldap/tlso.c in OpenLDAP 2.2 and 2.4, and possibly other versions, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name CN field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers vi...
CVE-2009-3767
CVE-2009-3767 affects OpenLDAP 2.4.x and related TLS implementations when OpenSSL is used, due to improper handling of a null character in the domain CN of an X.509 certificate, enabling MITM spoofing of SSL servers via a CA-issued certificate. Connected records indicate this CVE is tied to OpenL...