719 matches found
CVE-2007-2697
The embedded LDAP server in BEA WebLogic Express and WebLogic Server 7.0 through SP6, 8.1 through SP5, 9.0, and 9.1, when in certain configurations, does not limit or audit failed authentication attempts, which allows remote attackers to more easily conduct brute-force attacks against the...
CVE-2007-2697
The embedded LDAP server in BEA WebLogic Express and WebLogic Server 7.0 through SP6, 8.1 through SP5, 9.0, and 9.1, when in certain configurations, does not limit or audit failed authentication attempts, which allows remote attackers to more easily conduct brute-force attacks against the...
CVE-2007-1739
Heap-based buffer overflow in the LDAP server in IBM Lotus Domino before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to cause a denial of service crash via a long, malformed DN request, which causes only the lower 16 bits of the string length to be used in memory allocation...
Heap overflow
Heap-based buffer overflow in the LDAP server in IBM Lotus Domino before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to cause a denial of service crash via a long, malformed DN request, which causes only the lower 16 bits of the string length to be used in memory allocation...
CVE-2007-1739
IBM Lotus Domino LDAP server is affected by a heap-based/buffer overflow (boundary error) in handling oversized DN requests. Versions prior to 6.5.6 and 7.x prior to 7.0.2 FP1 are vulnerable, enabling remote attackers to crash the service (and, per advisories, potentially execute code with server...
CVE-2007-1739
Heap-based buffer overflow in the LDAP server in IBM Lotus Domino before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to cause a denial of service crash via a long, malformed DN request, which causes only the lower 16 bits of the string length to be used in memory allocation...
Sun Java System Directory Server未初始化指针远程内存破坏漏洞
Sun Java System Directory Server是一款由Sun公司开发的LDAP服务器。 Sun Java System Directory Server存在设计错误,远程攻击者可以利用漏洞对服务程序进行拒绝服务攻击。 问题存在于针对部分失败查询类型的清理代码中,可导致服务器调用free,并从未初始化内存中获取地址,非法内存的引用可导致拒绝服务攻击。 Sun Java System Directory Server 5.2 可参考如下补丁程序: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102853-...
Lotus Domino multiple security vulnerabilities
LDAP Server heap overflow, Web access crossite scripting. Buffer overflow in IMAP CRAM-MD5 authentication...
IBM Lotus Domino LDAP server DN message heap buffer overflow
Overview The IBM Lotus Domino LDAP server is vulnerable to a heap buffer overflow, which may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service. Description IBM Lotus Domino server software provides email, calendar, scheduling, and collaboration...
CVE-2006-4175
The LDAP server ns-slapd in Sun Java System Directory Server 5.2 Patch4 and earlier and ONE Directory Server 5.1 and 5.2 allows remote attackers to cause a denial of service crash via malformed queries, probably malformed BER queries, which trigger a free of uninitialized memory locations...
PT-2007-1167 · Sun · Sun One Directory Server +1
Name of the Vulnerable Software and Affected Versions: Sun Java System Directory Server versions 5.2 Patch4 and earlier ONE Directory Server versions 5.1 and 5.2 Description: The issue allows remote attackers to cause a denial of service, resulting in a crash, by sending malformed queries to the...
OpenLDAP SASL authcid Name BIND Request DoS
The remote host appears to be running OpenLDAP, an open source LDAP directory implementation. The version of OpenLDAP installed on the remote host fails to handle malformed SASL bind requests. An unauthenticated attacker can leverage this issue to crash the LDAP server on the affected host...
iDefense Security Advisory 10.21.06: Novell eDirectory evtFilteredMonitorEventsRequest Invalid Free Vulnerability
Novell eDirectory evtFilteredMonitorEventsRequest Invalid Free Vulnerability iDefense Security Advisory 10.21.06 http://www.idefense.com/intelligence/vulnerabilities/ Oct 21, 2006 I. BACKGROUND Novell eDirectory is a cross-platform lightweight directory access protocol LDAP server. More informati...
iDefense Security Advisory 10.21.06: Novell eDirectory evtFilteredMonitorEventsRequest Heap Overflow Vulnerability
Novell eDirectory evtFilteredMonitorEventsRequest Heap Overflow Vulnerability iDefense Security Advisory 10.21.06 http://www.idefense.com/intelligence/vulnerabilities/ Oct 21, 2006 I. BACKGROUND Novell eDirectory is a cross-platform lightweight directory access protocol LDAP server. More...
Default credentials
The open source version of Open-Xchange 0.8.2 and earlier uses a static default username and password with a valid login shell in the initfile for the ldap-server, which allows remote attackers to access any server where the default has not been changed...
CVE-2006-2738
The CVE-2006-2738 entry concerns the open source Open-Xchange 0.8.2 and earlier. It states that a static default username and password, with a valid login shell in the ldap-server initfile, enables remote attackers to access any server where the default has not been changed. Affected component: t...
CVE-2006-2738
The open source version of Open-Xchange 0.8.2 and earlier uses a static default username and password with a valid login shell in the initfile for the ldap-server, which allows remote attackers to access any server where the default has not been changed...
Lotus Domino 7.0.x8.08.5 - LDAP Message Remote Denial of Service
Lotus Domino 7.0.x8.08.5 - LDAP Message Remote Denial of Service source: https://www.securityfocus.com/bid/17669/info Lotus Domino LDAP server is prone to a remote denial-of-service vulnerability when handling malformed requests. Lotus Domino 7.0 is vulnerable; earlier versions may also be...
'ldapsearch' Information Gathering (LDAP Protocol)
This plugins shows what information can be pulled of an LDAP server. SPDX-FileCopyrightText: 2006 Tarik El-Yassem/ITsec Security Services Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Lotus Domino LDAP Server Denial of Service Vulnerability
The remote LDAP server is affected by a denial of service vulnerability. SPDX-FileCopyrightText: 2005 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...