15 matches found
EUVD-2011-1096
Malware in sbrugna...
389-ds-base: Change on SLAPI_MODRDN_NEWSUPERIOR is not evaluated in ACL (ACL rules bypass possible)
389 Directory Server 1.2.10 does not properly update the ACL when a DN entry is moved by a modrdn operation, which allows remote authenticated users with certain permissions to bypass ACL restrictions and access the DN entry...
DEBIAN-CVE-2012-4450
389 Directory Server 1.2.10 does not properly update the ACL when a DN entry is moved by a modrdn operation, which allows remote authenticated users with certain permissions to bypass ACL restrictions and access the DN entry...
CVE-2012-4450
389 Directory Server 1.2.10 does not properly update the ACL when a DN entry is moved by a modrdn operation, which allows remote authenticated users with certain permissions to bypass ACL restrictions and access the DN entry...
Code injection
389 Directory Server 1.2.10 does not properly update the ACL when a DN entry is moved by a modrdn operation, which allows remote authenticated users with certain permissions to bypass ACL restrictions and access the DN entry...
CVE-2012-4450
389 Directory Server 1.2.10 does not properly update the ACL when a DN entry is moved by a modrdn operation, which allows remote authenticated users with certain permissions to bypass ACL restrictions and access the DN entry...
CVE-2012-4450
389 Directory Server 1.2.10 does not properly update the ACL when a DN entry is moved by a modrdn operation, which allows remote authenticated users with certain permissions to bypass ACL restrictions and access the DN entry...
CVE-2012-4450
CVE-2012-4450 affects 389-ds-base (389 Directory Server) versions around 1.2.10. The issue arises when a DN entry is moved via modrdn; ACLs are not updated correctly, potentially allowing remote authenticated users with certain permissions to bypass ACL restrictions and access the moved DN entry....
CVE-2011-1081
modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote attackers to cause a denial of service daemon crash via a relative Distinguished Name DN modification request aka MODRDN operation that contains an empty value for the OldDN field...
DEBIAN-CVE-2011-1081
modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote attackers to cause a denial of service daemon crash via a relative Distinguished Name DN modification request aka MODRDN operation that contains an empty value for the OldDN field...
Design/Logic Flaw
modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote attackers to cause a denial of service daemon crash via a relative Distinguished Name DN modification request aka MODRDN operation that contains an empty value for the OldDN field...
CVE-2011-1081
modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote attackers to cause a denial of service daemon crash via a relative Distinguished Name DN modification request aka MODRDN operation that contains an empty value for the OldDN field...
CVE-2011-1081
OpenLDAP OpenLDAP 2.4.x is affected by CVE-2011-1081 due to a flaw in modrdn.c (slapd) that allows a remote attacker to crash the daemon via a MODRDN request with an empty OldDN value. Impact per the description is a Denial of Service (daemon crash). The issue is tied to OpenLDAP 2.4.x prior to 2...
openldap: slapd crash on modrdn operation with NOOP control on entry in bdb storage
slapd/back-bdb/modrdn.c in the BDB backend for slapd in OpenLDAP 2.3.39 allows remote authenticated users to cause a denial of service daemon crash via a modrdn operation with a NOOP LDAPXNOOPERATION control, a related issue to CVE-2007-6698...
CVE-2008-0658
slapd/back-bdb/modrdn.c in the BDB backend for slapd in OpenLDAP 2.3.39 allows remote authenticated users to cause a denial of service daemon crash via a modrdn operation with a NOOP LDAPXNOOPERATION control, a related issue to CVE-2007-6698...