40 matches found
CLSA-2025-1758645818 openldap: Fix of 14 CVEs
Rebase to 2.4.58 to fix the following vulnerabilities: - CVE-2020-12243: fix denial of service caused by LDAP search filters with nested boolean expressions - CVE-2020-36221: fix integer underflow in the Certificate Exact Assertion processing - CVE-2020-36223: fix slapd crash in the Values Return...
Advisory ROSA-SA-2024-2439
Software: openldap 2.4.46 OS: ROSA Virtualization 2.1 packageevrstring: openldap-2.4.46 CVE-ID: CVE-2020-25709 BDU-ID: 2022-00231 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the slapd server implementation of the OpenLDAP LDAP protocol is related to a flaw in the use of the assert function...
NewStart CGSL CORE 5.05 / MAIN 5.05 : openldap Multiple Vulnerabilities (NS-SA-2023-0016)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has openldap packages installed that are affected by multiple vulnerabilities: - A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP's slapd server, to trigger ...
K56241216: OpenLDAP vulnerabilities CVE-2020-25709 and CVE-2020-25710
Security Advisory Description CVE-2020-25709 A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP’s slapd server, to trigger an assertion failure. The highest threat from this vulnerability is to system availability. CVE-2020-25710...
NewStart CGSL CORE 5.04 / MAIN 5.04 : openldap Multiple Vulnerabilities (NS-SA-2022-0077)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has openldap packages installed that are affected by multiple vulnerabilities: - A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP's slapd server, to trigger ...
Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-20201105.2286)
The version of AHV installed on the remote host is prior to 20201105.2286. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-20201105.2286 advisory. - In Expat aka libexpat before 2.4.5, there is an integer overflow in storeRawNames. CVE-2022-25315 - In Expat ak...
Security Bulletin: IBM QRadar Network Security is affected by vulnerabilities in openldap. (CVE-2020-25709, CVE-2020-25710)
Summary IBM QRadar Network Security has addressed vulnerabilities in openldap. The issue could lead to Denial of service. Vulnerability Details CVEID: CVE-2020-25709 DESCRIPTION: OpenLDAP is vulnerable to a denial of service, caused by an assertion failure in certificateListValidate function in...
Hitachi Energy System Data Manager
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: System Data Manager – SDM600 Vulnerabilities: Integer Overflow or Wraparound, Reachable Assertion, Type Confusion, Uncontrolled Recursion, Observable Discrepancy 2. RISK...
Amazon Linux 2 : openldap (ALAS-2022-1770)
The version of openldap installed on the remote host is prior to 2.4.44-23. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1770 advisory. A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP'...
CentOS: Security Advisory for openldap (CESA-2022:0621)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openldap security update
CentOS Errata and Security Advisory CESA-2022:0621 An update for openldap is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
CentOS 7 : openldap (RHSA-2022:0621)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0621 advisory. - A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP's slapd server, to trigger an...
Scientific Linux Security Update : openldap on SL7.x i686/x86_64 (2022:0621)
The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2022:0621-1 advisory. - openldap: assertion failure in Certificate List syntax validation CVE-2020-25709 - openldap: assertion failure in CSN normalization with invali...
openldap security update
2.4.44-25 - Fix CVE-2020-25709 openldap: assertion failure in Certificate List syntax validation 2040539 - Fix CVE-2020-25710 openldap: assertion failure in CSN normalization with invalid input 2040538...
Oracle Linux 7 : openldap (ELSA-2022-0621)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-0621 advisory. - Fix CVE-2020-25709 openldap: assertion failure in Certificate List syntax validation 2040539 Tenable has extracted the preceding description block...
Moderate: Red Hat Security Advisory: openldap security update
An update for openldap is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
RHEL 7 : openldap (RHSA-2022:0621)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0621 advisory. OpenLDAP is an open-source suite of Lightweight Directory Access Protocol LDAP applications and development tools. LDAP is a set of protocol...
Huawei EulerOS: Security Advisory for openldap (EulerOS-SA-2022-1087)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 3.0.6.0 : openldap (EulerOS-SA-2022-1087)
According to the versions of the openldap packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP's slapd...
OpenLDAP < 2.4.56 Multiple DoS Vulnerabilities
OpenLDAP is prone to multiple denial of service DoS vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...