19 matches found
CVE-2020-2303
A cross-site request forgery (CSRF) vulnerability in Jenkins Active Directory Plugin 2.19 and earlier allows attackers to perform connection tests, connecting to attacker-specified or previously configured Active Directory servers using attacker-specified credentials...
CVE-2021-30651
A malicious authenticated SMG administrator user can obtain passwords for external LDAP/Active Directory servers that they might not otherwise be authorized to access...
PT-2022-10021 · Smg · Smg
Name of the Vulnerable Software and Affected Versions: SMG (affected versions not specified). Description: A malicious authenticated SMG administrator user can obtain passwords for external LDAP/Active Directory servers that they might not otherwise be authorized to access. Recommendations: At the...
Spanish MSSP Targeted by BitPaymer Ransomware
ARCHIVED STORY. Spanish MSSP Targeted by BitPaymer Ransomware. By ATR Operational Intelligence Team · November 08, 2019. Co-authored by Marc RiveroLopez. Initial Discovery: This week the news hit that several companies in Spain were hit by a ransomware attack. Ransomware attacks themselves are not new...
[SECURITY] Fedora 28 Update: unboundid-ldapsdk-4.0.5-1.fc28
The UnboundID LDAP SDK for Java is a fast, powerful, user-friendly, and completely free Java library for communicating with LDAP directory servers and performing related tasks like reading and writing LDIF, encoding and decoding data using base64 and ASN.1 BER, and performing secure communicatio...
[SECURITY] Fedora 27 Update: unboundid-ldapsdk-4.0.5-1.fc27
The UnboundID LDAP SDK for Java is a fast, powerful, user-friendly, and completely free Java library for communicating with LDAP directory servers and performing related tasks like reading and writing LDIF, encoding and decoding data using base64 and ASN.1 BER, and performing secure communicatio...
OpenJDK: LDAPCertStore following referrals to non-LDAP URLs (Security, 8176067)
It was discovered that the LDAPCertStore class in the Security component of OpenJDK followed LDAP referrals to arbitrary URLs. A specially crafted LDAP referral URL could cause LDAPCertStore to communicate with non-LDAP servers...
OpenJDK: LDAPCertStore following referrals to non-LDAP URLs (Security, 8176067)
It was discovered that the LDAPCertStore class in the Security component of OpenJDK followed LDAP referrals to arbitrary URLs. A specially crafted LDAP referral URL could cause LDAPCertStore to communicate with non-LDAP servers...
CVE-2017-6183
In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's configuration utilities for adding and detecting Active Directory servers was vulnerable to remote command injection, aka NSWA-1314...
Debian DLA-663-1 : tor security update
It has been discovered that Tor treats the contents of some buffer chunks as if they were a NUL-terminated string. This issue could enable a remote attacker to crash a Tor client, hidden service, relay, or authority. This update aims to defend against this general class of security bugs. For Debi...
DirectoryScanner - Free Directory Server fingerprinting tool !
DirectoryScanner is the FREE Directory Server fingerprinting tool. It can help you to remotely detect the type of Directory servers, such as Microsoft Active Directory, Novell eDirectory, etc., running on the local network as well as...
Fedora Update for adminutil FEDORA-2008-7339
Check for the Version of adminutil. OpenVAS Vulnerability Test: Fedora Update for adminutil FEDORA-2008-7339. Authors: System Generated Check. Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net. This program is free software; you can redistribute it and/or modify it under th...
[SECURITY] Fedora 8 Update: adminutil-1.1.7-1.fc8
adminutil is libraries of functions used to administer directory servers, usually in conjunction with the admin server. adminutil is broken into two libraries - libadminutil contains the basic functionality, and libadmsslutil contains SSL versions and wrappers around the basic functions. The PSET...
Server: multiple memory leaks
Multiple memory leaks in Red Hat Directory Server 7.1 before SP7, Red Hat Directory Server 8, and Fedora Directory Server 1.1.1 and earlier allow remote attackers to cause a denial of service (memory consumption) via vectors involving (1) the authentication / bind phase and (2) anonymous LDAP search...
GLSA-200804-12 : gnome-screensaver: Privilege escalation
The remote host is affected by the vulnerability described in GLSA-200804-12 (gnome-screensaver: Privilege escalation). gnome-screensaver incorrectly handles the results of the getpwuid function in the file src/setuid.c when using directory servers like NIS during a network outage, a similar issue t...
[ GLSA 200804-12 ] gnome-screensaver: Privilege escalation
Gentoo Linux Security Advisory GLSA 200804-12 · http://security.gentoo.org/ · Severity:...
gnome-screensaver: Privilege escalation
Background: gnome-screensaver is a screensaver, designed to integrate with the Gnome desktop, that can replace xscreensaver. Description: gnome-screensaver incorrectly handles the results of the getpwuid function in the file src/setuid.c when using directory servers like NIS during a network outage...
GLSA-200705-14 : XScreenSaver: Privilege escalation
The remote host is affected by the vulnerability described in GLSA-200705-14 (XScreenSaver: Privilege escalation). XScreenSaver incorrectly handles the results of the getpwuid function in drivers/lock.c when using directory servers during a network outage. Impact: A local user can crash XScreenSave...
RHEL 4 : nss_ldap (RHSA-2006:0719)
Updated nss_ldap packages that fix a security flaw are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. nss_ldap is a set of C library extensions that allow X.500 and LDAP directory servers to be used ...