Lucene search
+L

38 matches found

RedhatCVE
RedhatCVE
added 2018/08/21 6:49 p.m.30 views

CVE-2018-10935

A flaw was found in the 389 Directory Server that allows users to cause a crash in the LDAP server using ldapsearch with server side sort...

6.5CVSS3AI score0.01847EPSS
Exploits0References2
Debian
Debian
added 2018/07/15 8:9 p.m.33 views

[SECURITY] [DLA 1428-1] 389-ds-base security update

Package : 389-ds-base Version : 1.3.3.5-4+deb8u1 CVE ID : CVE-2015-1854 CVE-2017-15134 CVE-2018-1054 CVE-2018-1089 CVE-2018-10850 CVE-2015-1854 A flaw was found while doing authorization of modrdn operations. An unauthenticated attacker able to issue an ldapmodrdn call to the directory server cou...

7.5CVSS7.7AI score0.04646EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/05/10 12:0 a.m.43 views

Scientific Linux Security Update : 389-ds-base on SL6.x i386/x86_64 (20180509)

Security Fixes : - 389-ds-base: ns-slapd crash via large filter value in ldapsearch CVE-2018-1089 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if description scriptid109671; scriptversion"1.6";...

7.5CVSS7.4AI score0.04239EPSS
Exploits0References2
Check Point Advisories
Check Point Advisories
added 2017/06/11 12:0 a.m.11 views

OpenLDAP ldapsearch pagesize Double Free Denial of Service (CVE-2017-9287)

A double free vulnerability exists in the ldapsearch function of OpenLDAP. The vulnerability is due to improper handling of ldapsearch queries with a pagesize of 0. A remote attacker can exploit this vulnerability by sending a crafted query to he target OpenLDAP server...

4CVSS1.8AI score0.07143EPSS
Exploits1
FreeBSD
FreeBSD
added 2015/02/02 12:0 a.m.21 views

openldap -- two remote denial of service vulnerabilities

Ryan Tandy reports: With the deref overlay enabled, ldapsearch with '-E deref=member:' causes slapd to crash. Bill MacAllister discovered that certain queries cause slapd to crash while freeing operation controls. This is a 2.4.40 regression. Earlier releases are not affected...

1.9AI score
Exploits0References2
seebug.org
seebug.org
added 2013/10/31 12:0 a.m.38 views

Apple Mac OS X OpenLDAP 'ldapsearch'命令安全漏洞(CVE-2013-5185)

BUGTRAQ ID: 63351 CVECAN ID: CVE-2013-5185 OS X(前称Mac OS X)是苹果公司为麦金塔电脑开发的专属操作系统的最新版本。 OS X 10.9之前版本的OpenLDAP里,ldapsearch命令行程序没有正确处理minssf配置设置,可使远程攻击者利用弱加密方式以进行网络嗅探,从而获取敏感信息。 0 Apple Mac OS X 10.9 厂商补丁: Apple ----- Apple已经为此发布了一个安全公告(msg00004)以及相应补丁: msg00004:APPLE-SA-2013-10-22-3 OS X Mavericks...

4.3CVSS6.4AI score0.00895EPSS
Exploits1
NVD
NVD
added 2013/10/24 3:48 a.m.27 views

CVE-2013-5185

The ldapsearch command-line program in OpenLDAP in Apple Mac OS X before 10.9 does not properly process the minssf configuration setting, which allows remote attackers to obtain sensitive information by leveraging unintended weak encryption and sniffing the network...

4.3CVSS5.5AI score0.00895EPSS
Exploits1References1
Prion
Prion
added 2013/10/24 3:48 a.m.27 views

Design/Logic Flaw

The ldapsearch command-line program in OpenLDAP in Apple Mac OS X before 10.9 does not properly process the minssf configuration setting, which allows remote attackers to obtain sensitive information by leveraging unintended weak encryption and sniffing the network...

4.3CVSS6AI score0.00895EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2013/10/24 1:0 a.m.32 views

CVE-2013-5185

The ldapsearch command-line program in OpenLDAP in Apple Mac OS X before 10.9 does not properly process the minssf configuration setting, which allows remote attackers to obtain sensitive information by leveraging unintended weak encryption and sniffing the network...

5.5AI score0.00895EPSS
Exploits1References1
CVE
CVE
added 2013/10/24 1:0 a.m.61 views

CVE-2013-5185

CVE-2013-5185 affects Apple Mac OS X prior to 10.9, where the ldapsearch utility in OpenLDAP does not correctly process the minssf setting, enabling remote attackers to sniff network traffic and obtain sensitive data via weak encryption. Public references from NVD/Red Hat/OS X security notices co...

4.3CVSS5.6AI score0.00895EPSS
Exploits1References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2013/07/31 12:0 a.m.30 views

Scientific Linux Security Update : 389-ds-base on SL6.x i386/x86_64 (20130730)

It was discovered that the 389 Directory Server did not honor defined attribute access controls when evaluating search filter expressions. A remote attacker with permission to query the Directory Server could use this flaw to determine the values of restricted attributes via a series of search...

4CVSS5.4AI score0.01756EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/07/31 12:0 a.m.33 views

CentOS 6 : 389-ds-base (CESA-2013:1119)

Updated 389-ds-base packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

4CVSS5.6AI score0.01756EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2012/08/10 12:0 a.m.17 views

Search in LDAP the lastLogonTimestamp of Users.

This script search in LDAP the lastLogonTimestamp of Users. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.3AI score
Exploits0
OpenVAS
OpenVAS
added 2010/02/08 12:0 a.m.32 views

Search in LDAP, Users with conf. LogonHours

This script search in LDAP, Users who have configured Login Timeslots logonHours in Windows LDAP. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-on...

7AI score
Exploits0
OpenVAS
OpenVAS
added 2006/04/23 12:0 a.m.45 views

'ldapsearch' Information Gathering (LDAP Protocol)

This plugins shows what information can be pulled of an LDAP server. SPDX-FileCopyrightText: 2006 Tarik El-Yassem/ITsec Security Services Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

5.4AI score
Exploits0References1
Prion
Prion
added 2006/04/13 10:2 a.m.23 views

Design/Logic Flaw

Unspecified vulnerability in Solaris 8 and 9 allows local users to obtain the LDAP Directory Server root Distinguished Name rootDN password when a privileged user 1 runs idsconfig; or "insecurely" runs LDAP2 commands with the -w option, including 2 ldapadd, 3 ldapdelete, 4 ldapmodify, 5 ldapmodrd...

2.1CVSS7AI score0.0043EPSS
Exploits0References15Affected Software2
NVD
NVD
added 2006/04/13 10:2 a.m.30 views

CVE-2006-1782

Unspecified vulnerability in Solaris 8 and 9 allows local users to obtain the LDAP Directory Server root Distinguished Name rootDN password when a privileged user 1 runs idsconfig; or "insecurely" runs LDAP2 commands with the -w option, including 2 ldapadd, 3 ldapdelete, 4 ldapmodify, 5 ldapmodrd...

2.1CVSS6.5AI score0.0043EPSS
Exploits0References15
Cvelist
Cvelist
added 2006/04/13 10:0 a.m.37 views

CVE-2006-1782

Unspecified vulnerability in Solaris 8 and 9 allows local users to obtain the LDAP Directory Server root Distinguished Name rootDN password when a privileged user 1 runs idsconfig; or "insecurely" runs LDAP2 commands with the -w option, including 2 ldapadd, 3 ldapdelete, 4 ldapmodify, 5 ldapmodrd...

6.5AI score0.0043EPSS
Exploits0References15
Rows per page
Query Builder