5 matches found
Information Disclosure
Oracle Java SE is vulnerable to information disclosure . This is because the LDAP component of OpenJDK fails to properly encode special characters in user names when adding them to an LDAP search query. Remote attackers could possibly use this flaw to manipulate LDAP queries performed by the...
OpenJDK: LdapLoginModule insufficient username encoding in LDAP query (LDAP, 8178449)
It was discovered that the LDAP component of OpenJDK failed to properly encode special characters in user names when adding them to an LDAP search query. A remote attacker could possibly use this flaw to manipulate LDAP queries performed by the LdapLoginModule class...
Important: java-1.8.0-openjdk
Issue Overview: SingleEntryRegistry incorrect setup of deserialization filter JMX, 8186998 It was discovered that the JMX component of OpenJDK failed to properly set the deserialization filter for the SingleEntryRegistry in certain cases. A remote attacker could possibly use this flaw to bypass...
EulerOS 2.0 SP2 : openldap (EulerOS-SA-2017-1202)
According to the version of the openldap packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A double-free flaw was found in the way OpenLDAP's slapd server using the MDB backend handled LDAP searches. A remote attacker with access to...
CVE-2012-1164
slapd in OpenLDAP before 2.4.30 allows remote attackers to cause a denial of service assertion failure and daemon exit via an LDAP search query with attrsOnly set to true, which causes empty attributes to be returned...