Lucene search
+L

382 matches found

NVD
NVD
added 2011/04/21 10:55 a.m.19 views

CVE-2009-5073

IBM Tivoli Directory Server TDS 6.0 before 6.0.0.59 aka 6.0.0.8-TIV-ITDS-IF0001 allows remote authenticated users to cause a denial of service infinite loop and daemon hang by adding a nested group that contains the Distinguished Name DN of its parent entry...

4CVSS6.1AI score0.00883EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2011/04/21 10:55 a.m.0 views

CVE-2009-5072

Memory leak in the ldapexplodedn function in IBM Tivoli Directory Server TDS 6.0 before 6.0.0.61 aka 6.0.0.8-TIV-ITDS-IF0003 allows remote authenticated users to cause a denial of service memory consumption via an empty string argument...

4CVSS5.6AI score0.00883EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2011/04/21 10:55 a.m.3 views

CVE-2009-5073

IBM Tivoli Directory Server TDS 6.0 before 6.0.0.59 aka 6.0.0.8-TIV-ITDS-IF0001 allows remote authenticated users to cause a denial of service infinite loop and daemon hang by adding a nested group that contains the Distinguished Name DN of its parent entry...

4CVSS5.6AI score0.00883EPSS
Exploits0References3
OSV
OSV
added 2011/03/20 2:0 a.m.6 views

CVE-2011-1025

bind.cpp in back-ndb in OpenLDAP 2.4.x before 2.4.24 does not require authentication for the root Distinguished Name DN, which allows remote attackers to bypass intended access restrictions via an arbitrary password...

6.9AI score
Exploits0References15
OSV
OSV
added 2011/03/20 2:0 a.m.3 views

DEBIAN-CVE-2011-1025

bind.cpp in back-ndb in OpenLDAP 2.4.x before 2.4.24 does not require authentication for the root Distinguished Name DN, which allows remote attackers to bypass intended access restrictions via an arbitrary password...

6.8CVSS7.1AI score0.04449EPSS
Exploits0References1
Prion
Prion
added 2011/03/20 2:0 a.m.28 views

Design/Logic Flaw

modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote attackers to cause a denial of service daemon crash via a relative Distinguished Name DN modification request aka MODRDN operation that contains an empty value for the OldDN field...

5CVSS6.9AI score0.13518EPSS
Exploits1References20Affected Software1
UbuntuCve
UbuntuCve
added 2011/03/19 12:0 a.m.31 views

CVE-2011-1081

modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote attackers to cause a denial of service daemon crash via a relative Distinguished Name DN modification request aka MODRDN operation that contains an empty value for the OldDN field...

5CVSS5.9AI score0.13518EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2011/03/10 8:44 p.m.5 views

openldap: DoS when submitting special MODRDN request

modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote attackers to cause a denial of service daemon crash via a relative Distinguished Name DN modification request aka MODRDN operation that contains an empty value for the OldDN field...

5CVSS5.9AI score0.13518EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2010/07/23 12:0 a.m.21 views

RedHat Update for openldap RHSA-2010:0542-01

Check for the Version of openldap OpenVAS Vulnerability Test RedHat Update for openldap RHSA-2010:0542-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

5CVSS8.8AI score0.29238EPSS
Exploits2References2
Check Point Advisories
Check Point Advisories
added 2010/06/07 12:0 a.m.16 views

IBM Lotus Domino LDAP Server Invalid DN Message Buffer Overflow (CVE-2007-1739)

IBM Lotus Domino Server is a collaboration software that provides mail, messaging, calendaring and scheduling capabilities across multiple platforms. The product implements numerous services based on open standards, including LDAP, SMTP, IMAP, and POP3. There exist a buffer overflow vulnerability...

7.8CVSS7.9AI score0.03371EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2009/12/08 2:56 a.m.5 views

OpenJDK ASN.1/DER input stream parser denial of service (6864911) CVE-2009-3877

Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 allows remote attackers to cause a denial of service memory consumption via crafted HTTP headers, which are not...

5CVSS5.9AI score0.04813EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2009/11/09 3:4 p.m.8 views

OpenJDK ASN.1/DER input stream parser denial of service (6864911) CVE-2009-3877

Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 allows remote attackers to cause a denial of service memory consumption via crafted DER encoded data, which is not...

5CVSS5.9AI score0.04813EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2009/11/04 3:14 p.m.8 views

OpenJDK ASN.1/DER input stream parser denial of service (6864911) CVE-2009-3877

Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 allows remote attackers to cause a denial of service memory consumption via crafted DER encoded data, which is not...

5CVSS5.9AI score0.04813EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2009/08/06 12:0 a.m.22 views

strongSwan Denial Of Service Vulnerability - Aug09

This host has strongSwan and is prone to Denial of Service Vulnerability. OpenVAS Vulnerability Test $Id: gbstrongswandosvulnaug09.nasl 4869 2016-12-29 11:01:45Z teissa $ strongSwan Denial Of Service Vulnerability - Aug09 Authors: Antu Sanadi Copyright: Copyright c 2009 Greenbone Networks GmbH,...

5CVSS0.1AI score0.01577EPSS
Exploits0References2
Prion
Prion
added 2009/08/04 4:30 p.m.13 views

Design/Logic Flaw

The asn1length function in strongSwan 2.8 before 2.8.11, 4.2 before 4.2.17, and 4.3 before 4.3.3 does not properly handle X.509 certificates with crafted Relative Distinguished Names RDNs, which allows remote attackers to cause a denial of service pluto IKE daemon crash via malformed ASN.1 data...

5CVSS6.7AI score0.02372EPSS
Exploits0References10Affected Software1
RedHat Linux
RedHat Linux
added 2009/07/02 3:2 p.m.3 views

Openswan ASN.1 parser vulnerability

The ASN.1 parser pluto/asn1.c, libstrongswan/asn1/asn1.c, libstrongswan/asn1/asn1parser.c in a strongSwan 2.8 before 2.8.10, 4.2 before 4.2.16, and 4.3 before 4.3.2; and b openSwan 2.6 before 2.6.22 and 2.4 before 2.4.15 allows remote attackers to cause a denial of service pluto IKE daemon crash...

5CVSS5.9AI score0.02372EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2009/06/30 12:0 a.m.20 views

StrongSwan/Openswan Denial Of Service Vulnerability June-09

The host is installed with strongSwan/Openswan and is prone to Denial of Service vulnerability. OpenVAS Vulnerability Test $Id: secpodstrongswannopenswandosvulnjun09.nasl 6515 2017-07-04 11:54:15Z cfischer $ StrongSwan/Openswan Denial Of Service Vulnerability June-09 Authors: Sharath S Copyright:...

5CVSS7.5AI score0.02372EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2009/06/25 2:0 a.m.5 views

CVE-2009-2185

The ASN.1 parser pluto/asn1.c, libstrongswan/asn1/asn1.c, libstrongswan/asn1/asn1parser.c in a strongSwan 2.8 before 2.8.10, 4.2 before 4.2.16, and 4.3 before 4.3.2; and b openSwan 2.6 before 2.6.22 and 2.4 before 2.4.15 allows remote attackers to cause a denial of service pluto IKE daemon crash...

5CVSS5.6AI score0.02372EPSS
Exploits0References25
OSV
OSV
added 2009/06/25 2:0 a.m.1 views

DEBIAN-CVE-2009-2185

The ASN.1 parser pluto/asn1.c, libstrongswan/asn1/asn1.c, libstrongswan/asn1/asn1parser.c in a strongSwan 2.8 before 2.8.10, 4.2 before 4.2.16, and 4.3 before 4.3.2; and b openSwan 2.6 before 2.6.22 and 2.4 before 2.4.15 allows remote attackers to cause a denial of service pluto IKE daemon crash...

5CVSS6.8AI score0.02372EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2009/04/15 12:0 a.m.5 views

PT-2009-2789 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version Description: A spoofing issue exists due to incomplete validation of the distinguished name in a digital certificate. This can be combined with other attacks, such as DNS spoofing, allowin...

5.8CVSS5.8AI score0.05071EPSS
Exploits1References10
Rows per page
Query Builder