33 matches found
EUVD-2006-0460
Malware in sbrugna...
EUVD-2006-0459
Malware in sbrugna...
EUVD-2006-0458
Malware in sbrugna...
EUVD-2008-2925
Malware in sbrugna...
EUVD-2005-3627
Malware in sbrugna...
CVE-2005-3630
Fedora Directory Server before 10 allows remote attackers to obtain sensitive information, such as the password from adm.conf via an IFRAME element, probably involving an Apache httpd.conf configuration that orders "allow" directives before "deny" directives...
CVE-2015-3230
The CVE targets 389-ds-base (389 Directory Server) prior to version 1.3.3.12, where the nsSSL3Ciphers preference is not enforced when creating an sslSocket. This allows a remote attacker to request a disabled cipher, with impact described as unspecified in the sources. Public advisories confirm a...
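389 Directory Server SASL/GSSAPI Authentication Bypass Vulnerability
Bugtraq ID: 66235 CVE ID: CVE-2014-0132 389 Directory Server, formerly Fedora Directory Server, is an enterprise-class Linux directory server. When the "authzid" parameter is specified, 389 Directory Server does not handle SASL/GSSAPI authentication correctly, allowing remote attackers to exploit the vulnerability to use other users' directories. 0 389 Directory Server formerly known as Fedora Directory Server 1.3.1.20 389 Directory Server formerly known as Fedo...
Red Hat Fedora Directory Server HTTP Unescape Function Buffer Overflow Vulnerability
BUGTRAQ ID: 31106 CVE ID: CVE-2008-2932 CNCVE ID: CNCVE-20082932 Red Hat Fedora Directory Server is a directory service program. adminutil in Red Hat Fedora Directory Server does not handle user input correctly; remote attackers can exploit the vulnerability to cause a buffer overflow and execute arbitrary instructions with the privileges of the application. adminutil is a common function library used by multiple CGI scripts shipped with Red Hat / Fedora Directory Server. adminutil...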
CVE-2008-2932
Heap-based buffer overflow in Red Hat adminutil 1.1.6 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via % (percent) encoded HTTP input to unspecified CGI scripts in Fedora Directory Server. NOTE: this vulnerability exists because of an incorrec...
Heap overflow
Heap-based buffer overflow in Red Hat adminutil 1.1.6 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via % (percent) encoded HTTP input to unspecified CGI scripts in Fedora Directory Server. NOTE: this vulnerability exists because of an incorrec...
CVE-2008-2932
The CVE-2008-2932 issue is a heap-based buffer overflow in Red Hat adminutil 1.1.6 used with Fedora Directory Server. It allows remote attackers to cause a crash or potentially execute arbitrary code via percent-encoded HTTP input to unspecified CGI scripts, and is noted as a consequence of an in...
Fedora 8 : fedora-ds-base-1.1.2-1.fc8 (2008-7891)
This is the release of Fedora Directory Server 1.1.2. Security issues addressed: CVE-2008-2930 CVE-2008-3283 In addition to the CVEs listed above, this release fixes the following list of bugs: https://bugzilla.redhat.com/showdependencytree.cgi?id=452721&hide_resolved=0 Note that Tenable Network...
[SECURITY] Fedora 9 Update: fedora-ds-base-1.1.2-1.fc9
Fedora Directory Server is an LDAPv3 compliant server. The base package includes the LDAP server and command line utilities for server administration...
CVE-2008-2929
The CVE-2008-2929 event concerns multiple XSS vulnerabilities in the adminutil library used by the Directory Server Administration Express and Directory Server Gateway web interfaces. Affected systems include Red Hat Directory Server 7.1 prior to SP7, 8 EL4/EL5, and Fedora Directory Server. The X...
Server: temporary DoS via crafted pattern searches
Red Hat Directory Server 7.1 before SP7, Red Hat Directory Server 8, and Fedora Directory Server 1.1.1 allow remote attackers to cause a denial of service (CPU consumption and search outage) via crafted LDAP search requests with patterns, related to a single-threaded regular-expression subsystem...
Red Hat Administration Server (redhat-ds-admin) Multiple Remote Vulnerabilities
The remote host is running RedHat or Fedora Directory Server Admin Service. The version of this software installed on the remote host is vulnerable to remote command execution flaw through the argument 'admurl' of the script '/bin/admin/admin/bin/download'. A malicious user could exploit this fla...
security flaw
The LDAP component in Fedora Directory Server 1.0 allows remote attackers to cause a denial of service (crash) via a certain "bad BER sequence" that results in a free of uninitialized memory, as demonstrated using the ProtoVer LDAP test suite...
recursion causes OOM with bad DN in dn2ancestor
dn2ancestor in the LDAP component in Fedora Directory Server 1.0 allows remote attackers to cause a denial of service (CPU and memory consumption) via a ModDN operation with a DN that contains a large number of "," (comma) characters, which results in a large amount of recursion, as demonstrated usin...