Lucene search
+L

719 matches found

NVD
NVD
added 2007/05/16 1:19 a.m.19 views

CVE-2007-2697

The embedded LDAP server in BEA WebLogic Express and WebLogic Server 7.0 through SP6, 8.1 through SP5, 9.0, and 9.1, when in certain configurations, does not limit or audit failed authentication attempts, which allows remote attackers to more easily conduct brute-force attacks against the...

5.1CVSS6.9AI score0.02224EPSS
Exploits0References6
Cvelist
Cvelist
added 2007/05/16 1:0 a.m.21 views

CVE-2007-2697

The embedded LDAP server in BEA WebLogic Express and WebLogic Server 7.0 through SP6, 8.1 through SP5, 9.0, and 9.1, when in certain configurations, does not limit or audit failed authentication attempts, which allows remote attackers to more easily conduct brute-force attacks against the...

6.9AI score0.02224EPSS
Exploits0References6
NVD
NVD
added 2007/03/28 10:19 p.m.24 views

CVE-2007-1739

Heap-based buffer overflow in the LDAP server in IBM Lotus Domino before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to cause a denial of service crash via a long, malformed DN request, which causes only the lower 16 bits of the string length to be used in memory allocation...

7.8CVSS6.8AI score0.03371EPSS
Exploits1References9
Prion
Prion
added 2007/03/28 10:19 p.m.26 views

Heap overflow

Heap-based buffer overflow in the LDAP server in IBM Lotus Domino before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to cause a denial of service crash via a long, malformed DN request, which causes only the lower 16 bits of the string length to be used in memory allocation...

7.8CVSS7.4AI score0.03371EPSS
Exploits1References9Affected Software1
CVE
CVE
added 2007/03/28 10:0 p.m.64 views

CVE-2007-1739

IBM Lotus Domino LDAP server is affected by a heap-based/buffer overflow (boundary error) in handling oversized DN requests. Versions prior to 6.5.6 and 7.x prior to 7.0.2 FP1 are vulnerable, enabling remote attackers to crash the service (and, per advisories, potentially execute code with server...

7.8CVSS6.8AI score0.03371EPSS
Exploits1References9Affected Software1
Cvelist
Cvelist
added 2007/03/28 10:0 p.m.27 views

CVE-2007-1739

Heap-based buffer overflow in the LDAP server in IBM Lotus Domino before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to cause a denial of service crash via a long, malformed DN request, which causes only the lower 16 bits of the string length to be used in memory allocation...

6.8AI score0.03371EPSS
Exploits1References9
seebug.org
seebug.org
added 2007/03/28 12:0 a.m.56 views

Sun Java System Directory Server未初始化指针远程内存破坏漏洞

Sun Java System Directory Server是一款由Sun公司开发的LDAP服务器。 Sun Java System Directory Server存在设计错误,远程攻击者可以利用漏洞对服务程序进行拒绝服务攻击。 问题存在于针对部分失败查询类型的清理代码中,可导致服务器调用free,并从未初始化内存中获取地址,非法内存的引用可导致拒绝服务攻击。 Sun Java System Directory Server 5.2 可参考如下补丁程序: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102853-...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2007/03/28 12:0 a.m.68 views

Lotus Domino multiple security vulnerabilities

LDAP Server heap overflow, Web access crossite scripting. Buffer overflow in IMAP CRAM-MD5 authentication...

10CVSS2.1AI score0.6122EPSS
Exploits6References3Affected Software2
CERT
CERT
added 2007/03/28 12:0 a.m.17 views

IBM Lotus Domino LDAP server DN message heap buffer overflow

Overview The IBM Lotus Domino LDAP server is vulnerable to a heap buffer overflow, which may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service. Description IBM Lotus Domino server software provides email, calendar, scheduling, and collaboration...

8.3AI score
Exploits0References2
Cvelist
Cvelist
added 2007/03/26 11:0 p.m.41 views

CVE-2006-4175

The LDAP server ns-slapd in Sun Java System Directory Server 5.2 Patch4 and earlier and ONE Directory Server 5.1 and 5.2 allows remote attackers to cause a denial of service crash via malformed queries, probably malformed BER queries, which trigger a free of uninitialized memory locations...

6.7AI score0.03432EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2007/03/26 12:0 a.m.12 views

PT-2007-1167 · Sun · Sun One Directory Server +1

Name of the Vulnerable Software and Affected Versions: Sun Java System Directory Server versions 5.2 Patch4 and earlier ONE Directory Server versions 5.1 and 5.2 Description: The issue allows remote attackers to cause a denial of service, resulting in a crash, by sending malformed queries to the...

7.8CVSS6.8AI score0.03432EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2006/11/07 12:0 a.m.32 views

OpenLDAP SASL authcid Name BIND Request DoS

The remote host appears to be running OpenLDAP, an open source LDAP directory implementation. The version of OpenLDAP installed on the remote host fails to handle malformed SASL bind requests. An unauthenticated attacker can leverage this issue to crash the LDAP server on the affected host...

7.5CVSS5.5AI score0.75373EPSS
Exploits1References4
securityvulns
securityvulns
added 2006/10/23 12:0 a.m.44 views

iDefense Security Advisory 10.21.06: Novell eDirectory evtFilteredMonitorEventsRequest Invalid Free Vulnerability

Novell eDirectory evtFilteredMonitorEventsRequest Invalid Free Vulnerability iDefense Security Advisory 10.21.06 http://www.idefense.com/intelligence/vulnerabilities/ Oct 21, 2006 I. BACKGROUND Novell eDirectory is a cross-platform lightweight directory access protocol LDAP server. More informati...

10CVSS0.2AI score0.06477EPSS
Exploits0
securityvulns
securityvulns
added 2006/10/23 12:0 a.m.38 views

iDefense Security Advisory 10.21.06: Novell eDirectory evtFilteredMonitorEventsRequest Heap Overflow Vulnerability

Novell eDirectory evtFilteredMonitorEventsRequest Heap Overflow Vulnerability iDefense Security Advisory 10.21.06 http://www.idefense.com/intelligence/vulnerabilities/ Oct 21, 2006 I. BACKGROUND Novell eDirectory is a cross-platform lightweight directory access protocol LDAP server. More...

10CVSS1.6AI score0.07442EPSS
Exploits0
Prion
Prion
added 2006/06/01 10:2 a.m.23 views

Default credentials

The open source version of Open-Xchange 0.8.2 and earlier uses a static default username and password with a valid login shell in the initfile for the ldap-server, which allows remote attackers to access any server where the default has not been changed...

7.5CVSS7.5AI score0.01806EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2006/06/01 10:0 a.m.43 views

CVE-2006-2738

The CVE-2006-2738 entry concerns the open source Open-Xchange 0.8.2 and earlier. It states that a static default username and password, with a valid login shell in the ldap-server initfile, enables remote attackers to access any server where the default has not been changed. Affected component: t...

7.5CVSS6.9AI score0.01806EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2006/06/01 10:0 a.m.22 views

CVE-2006-2738

The open source version of Open-Xchange 0.8.2 and earlier uses a static default username and password with a valid login shell in the initfile for the ldap-server, which allows remote attackers to access any server where the default has not been changed...

6.9AI score0.01806EPSS
Exploits0References8
exploitpack
exploitpack
added 2006/04/24 12:0 a.m.25 views

Lotus Domino 7.0.x8.08.5 - LDAP Message Remote Denial of Service

Lotus Domino 7.0.x8.08.5 - LDAP Message Remote Denial of Service source: https://www.securityfocus.com/bid/17669/info Lotus Domino LDAP server is prone to a remote denial-of-service vulnerability when handling malformed requests. Lotus Domino 7.0 is vulnerable; earlier versions may also be...

0.2AI score
Exploits0
OpenVAS
OpenVAS
added 2006/04/23 12:0 a.m.45 views

'ldapsearch' Information Gathering (LDAP Protocol)

This plugins shows what information can be pulled of an LDAP server. SPDX-FileCopyrightText: 2006 Tarik El-Yassem/ITsec Security Services Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

5.4AI score
Exploits0References1
OpenVAS
OpenVAS
added 2006/03/26 12:0 a.m.42 views

Lotus Domino LDAP Server Denial of Service Vulnerability

The remote LDAP server is affected by a denial of service vulnerability. SPDX-FileCopyrightText: 2005 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.6AI score0.03176EPSS
Exploits0References2
Rows per page
Query Builder