79 matches found
CVE-2012-4450
389 Directory Server 1.2.10 does not properly update the ACL when a DN entry is moved by a modrdn operation, which allows remote authenticated users with certain permissions to bypass ACL restrictions and access the DN entry...
Code injection
389 Directory Server 1.2.10 does not properly update the ACL when a DN entry is moved by a modrdn operation, which allows remote authenticated users with certain permissions to bypass ACL restrictions and access the DN entry...
CVE-2012-4450
CVE-2012-4450 affects 389-ds-base (389 Directory Server) versions around 1.2.10. The issue arises when a DN entry is moved via modrdn; ACLs are not updated correctly, potentially allowing remote authenticated users with certain permissions to bypass ACL restrictions and access the moved DN entry....
CVE-2012-4450
389 Directory Server 1.2.10 does not properly update the ACL when a DN entry is moved by a modrdn operation, which allows remote authenticated users with certain permissions to bypass ACL restrictions and access the DN entry...
CVE-2012-4450
389 Directory Server 1.2.10 does not properly update the ACL when a DN entry is moved by a modrdn operation, which allows remote authenticated users with certain permissions to bypass ACL restrictions and access the DN entry...
Scientific Linux Security Update : openldap on SL4.x, SL5.x i386/x86_64
These updated openldap packages fix a flaw in the way the OpenLDAP slapd daemon handled modify and modrdn requests with NOOP control on objects stored in a Berkeley DB BDB storage backend. An authenticated attacker with permission to perform modify or modrdn operations on such LDAP objects could...
CentOS Update for compat-openldap CESA-2010:0542 centos5 i386
Check for the Version of compat-openldap OpenVAS Vulnerability Test CentOS Update for compat-openldap CESA-2010:0542 centos5 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...
CVE-2011-1081
modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote attackers to cause a denial of service daemon crash via a relative Distinguished Name DN modification request aka MODRDN operation that contains an empty value for the OldDN field...
DEBIAN-CVE-2011-1081
modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote attackers to cause a denial of service daemon crash via a relative Distinguished Name DN modification request aka MODRDN operation that contains an empty value for the OldDN field...
Design/Logic Flaw
modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote attackers to cause a denial of service daemon crash via a relative Distinguished Name DN modification request aka MODRDN operation that contains an empty value for the OldDN field...
CVE-2011-1081
modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote attackers to cause a denial of service daemon crash via a relative Distinguished Name DN modification request aka MODRDN operation that contains an empty value for the OldDN field...
CVE-2011-1081
OpenLDAP OpenLDAP 2.4.x is affected by CVE-2011-1081 due to a flaw in modrdn.c (slapd) that allows a remote attacker to crash the daemon via a MODRDN request with an empty OldDN value. Impact per the description is a Denial of Service (daemon crash). The issue is tied to OpenLDAP 2.4.x prior to 2...
CVE-2011-1081
modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote attackers to cause a denial of service daemon crash via a relative Distinguished Name DN modification request aka MODRDN operation that contains an empty value for the OldDN field...
openldap security update
2.4.19-15.2 - fix: security - DoS when submitting special MODRDN request 680975 2.4.19-15.1 - fix: CVE-2011-1024 ppolicy forwarded bind failure messages cause success - fix: CVE-2011-1025 rootpw is not verified for ndb backend...
SuSE 11.1 Security Update : openLDAP (SAT Patch Number 2551)
Several issues have been fixed in OpenLDAP : - specially crafted MODRDN operations can crash the OpenLDAP server. CVE-2010-0211 / CVE-2010-0212 - syncrepl might loose deletes in refreshAndPersist mode %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in...
OpenLDAP 2.4.x - modrdn NULL OldDN Remote Denial of Service
OpenLDAP 2.4.x - modrdn NULL OldDN Remote Denial of Service source: https://www.securityfocus.com/bid/46831/info OpenLDAP is prone to a remote denial-of-service vulnerability that affects the 'modify relative distinguished name' modrdn command. Attackers can exploit this issue to deny service to...
OpenLDAP 2.4.x - 'modrdn' NULL OldDN Remote Denial of Service
source: https://www.securityfocus.com/bid/46831/info OpenLDAP is prone to a remote denial-of-service vulnerability that affects the 'modify relative distinguished name' modrdn command. Attackers can exploit this issue to deny service to legitimate users by crashing affected 'slapd' servers...
SuSE 11 Security Update : openLDAP (SAT Patch Number 2552)
Several issues have been fixed in OpenLDAP : - specially crafted MODRDN operations can crash the OpenLDAP server. CVE-2010-0211 / CVE-2010-0212 - syncrepl might loose deletes in refreshAndPersist mode - DoS when handling 0-bytes %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive...
OpenLDAP Modrdn RDN UTF-8 String Code Execution (CVE-2010-0211)
OpenLDAP is an open-source implementation of the Lightweight Directory Access Protocol LDAP service. On a default installation, the OpenLDAP server uses TCP port 389 for communication. A remote code execution vulnerability has been reported in OpenLDAP. The vulnerability is due to a memory...
OpenLDAP Modrdn RDN NULL String Denial of Service (CVE-2010-0212)
OpenLDAP is an open-source implementation of the Lightweight Directory Access Protocol LDAP service. On a default installation, the OpenLDAP server uses TCP port 389 for communication. A remote code execution vulnerability has been reported in OpenLDAP. The vulnerability is due to a memory...