Critical Path InJoin Directory Server 4.0 Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4717/info Critical Path provides an LDAP Lightweight Directory Access Protocol Directory Server called InJoin. InJoin Directory is provided for Microsoft Windows operating systems and Unix variants. HTML code is not...

Critical Path InJoin Directory Server 4.0 File Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4718/info Critical Path provides an LDAP Lightweight Directory Access Protocol Directory Server called InJoin. InJoin Directory Server is provided for Microsoft Windows operating systems and Unix variants. iCon is the...

CVE-2002-0786

iCon administrative web server for Critical Path inJoin Directory Server 4.0 allows authenticated inJoin administrators to read arbitrary files by specifying the target file in the LOG parameter...

CVE-2002-0786

iCon administrative web server for Critical Path inJoin Directory Server 4.0 allows authenticated inJoin administrators to read arbitrary files by specifying the target file in the LOG parameter...

CVE-2002-0787

The CVE-2002-0787 entry describes a cross-site scripting vulnerability in the iCon administrative web server for Critical Path inJoin Directory Server 4.0. The issue arises from reflected XSS via modified administrator URLs using the LOCID or OC parameters, allowing remote attackers to execute sc...

CVE-2002-0787

Cross-site scripting vulnerabilities in iCon administrative web server for Critical Path inJoin Directory Server 4.0 allow remote attackers to execute script as the administrator via administrator URLs with modified 1 LOCID or 2 OC parameters...

injoin.txt

Per our policy at http://www.nmrc.org/advise/policy.txt, we are releasing these advisories as these are not high priority and the vendor has a fix that is scheduled to be released soon. In an effort to save bandwidth, both advisories are in this single email. NMRC will see you at DefCon in Las...

Critical Path InJoin Directory Server 4.0 - Cross-Site Scripting

source: https://www.securityfocus.com/bid/4717/info Critical Path provides an LDAP Lightweight Directory Access Protocol Directory Server called InJoin. InJoin Directory is provided for Microsoft Windows operating systems and Unix variants. HTML code is not filtered from URL parameters that are...

Critical Path InJoin Directory Server 4.0 - File Disclosure

Critical Path InJoin Directory Server 4.0 - File Disclosure source: https://www.securityfocus.com/bid/4718/info Critical Path provides an LDAP Lightweight Directory Access Protocol Directory Server called InJoin. InJoin Directory Server is provided for Microsoft Windows operating systems and Unix...

CVE-2001-1315

The CVE-2001-1315 issue affects Critical Path’s InJoin Directory Server and LiveContent Directory. The vulnerability arises in the LDAP handling code, specifically through malformed BER encodings used in the PROTOS LDAPv3 test suite, which can be exploited remotely to trigger a crash (DoS) and ma...

EUVD-2001-1295

Buffer overflows in Critical Path 1 InJoin Directory Server or 2 LiveContent Directory allow remote attackers to cause a denial of service crash and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite...

CVE-2001-1314

The CVE-2001-1314 issue affects Critical Path components InJoin Directory Server and LiveContent Directory. The root cause is a buffer overflow in the LDAP handling code, demonstrated by PROTOS LDAPv3 tests. Consequences documented include remote denial of service (crash) and potential arbitrary ...

CVE-2001-1314

Buffer overflows in Critical Path 1 InJoin Directory Server or 2 LiveContent Directory allow remote attackers to cause a denial of service crash and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite...