Lucene search
K

79 matches found

UbuntuCve
UbuntuCve
added 2012/10/01 3:26 a.m.25 views

CVE-2012-4450

389 Directory Server 1.2.10 does not properly update the ACL when a DN entry is moved by a modrdn operation, which allows remote authenticated users with certain permissions to bypass ACL restrictions and access the DN entry...

6CVSS5.9AI score0.01862EPSS
Exploits0References1
Prion
Prion
added 2012/10/01 3:26 a.m.16 views

Code injection

389 Directory Server 1.2.10 does not properly update the ACL when a DN entry is moved by a modrdn operation, which allows remote authenticated users with certain permissions to bypass ACL restrictions and access the DN entry...

6CVSS6.6AI score0.01862EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2012/10/01 1:0 a.m.69 views

CVE-2012-4450

CVE-2012-4450 affects 389-ds-base (389 Directory Server) versions around 1.2.10. The issue arises when a DN entry is moved via modrdn; ACLs are not updated correctly, potentially allowing remote authenticated users with certain permissions to bypass ACL restrictions and access the moved DN entry....

6CVSS6.1AI score0.01862EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2012/10/01 1:0 a.m.43 views

CVE-2012-4450

389 Directory Server 1.2.10 does not properly update the ACL when a DN entry is moved by a modrdn operation, which allows remote authenticated users with certain permissions to bypass ACL restrictions and access the DN entry...

6CVSS6.1AI score0.01862EPSS
Exploits0
Cvelist
Cvelist
added 2012/10/01 1:0 a.m.30 views

CVE-2012-4450

389 Directory Server 1.2.10 does not properly update the ACL when a DN entry is moved by a modrdn operation, which allows remote authenticated users with certain permissions to bypass ACL restrictions and access the DN entry...

6AI score0.01862EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.31 views

Scientific Linux Security Update : openldap on SL4.x, SL5.x i386/x86_64

These updated openldap packages fix a flaw in the way the OpenLDAP slapd daemon handled modify and modrdn requests with NOOP control on objects stored in a Berkeley DB BDB storage backend. An authenticated attacker with permission to perform modify or modrdn operations on such LDAP objects could...

4CVSS5.4AI score0.03053EPSS
Exploits4References3
OpenVAS
OpenVAS
added 2011/08/09 12:0 a.m.31 views

CentOS Update for compat-openldap CESA-2010:0542 centos5 i386

Check for the Version of compat-openldap OpenVAS Vulnerability Test CentOS Update for compat-openldap CESA-2010:0542 centos5 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...

5CVSS8.8AI score0.29238EPSS
Exploits2References2
OSV
OSV
added 2011/03/20 2:0 a.m.7 views

CVE-2011-1081

modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote attackers to cause a denial of service daemon crash via a relative Distinguished Name DN modification request aka MODRDN operation that contains an empty value for the OldDN field...

6.3AI score
Exploits0References21
OSV
OSV
added 2011/03/20 2:0 a.m.1 views

DEBIAN-CVE-2011-1081

modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote attackers to cause a denial of service daemon crash via a relative Distinguished Name DN modification request aka MODRDN operation that contains an empty value for the OldDN field...

5CVSS6.7AI score0.13518EPSS
Exploits1References1
Prion
Prion
added 2011/03/20 2:0 a.m.27 views

Design/Logic Flaw

modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote attackers to cause a denial of service daemon crash via a relative Distinguished Name DN modification request aka MODRDN operation that contains an empty value for the OldDN field...

5CVSS6.9AI score0.13518EPSS
Exploits1References20Affected Software1
Cvelist
Cvelist
added 2011/03/20 1:0 a.m.27 views

CVE-2011-1081

modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote attackers to cause a denial of service daemon crash via a relative Distinguished Name DN modification request aka MODRDN operation that contains an empty value for the OldDN field...

9AI score0.13518EPSS
Exploits1References20
CVE
CVE
added 2011/03/20 1:0 a.m.78 views

CVE-2011-1081

OpenLDAP OpenLDAP 2.4.x is affected by CVE-2011-1081 due to a flaw in modrdn.c (slapd) that allows a remote attacker to crash the daemon via a MODRDN request with an empty OldDN value. Impact per the description is a Denial of Service (daemon crash). The issue is tied to OpenLDAP 2.4.x prior to 2...

5CVSS8.8AI score0.13518EPSS
Exploits1References20Affected Software1
UbuntuCve
UbuntuCve
added 2011/03/19 12:0 a.m.30 views

CVE-2011-1081

modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote attackers to cause a denial of service daemon crash via a relative Distinguished Name DN modification request aka MODRDN operation that contains an empty value for the OldDN field...

5CVSS5.9AI score0.13518EPSS
Exploits1References4
Oracle linux
Oracle linux
added 2011/03/10 12:0 a.m.51 views

openldap security update

2.4.19-15.2 - fix: security - DoS when submitting special MODRDN request 680975 2.4.19-15.1 - fix: CVE-2011-1024 ppolicy forwarded bind failure messages cause success - fix: CVE-2011-1025 rootpw is not verified for ndb backend...

6.8CVSS2.1AI score0.13518EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2011/01/21 12:0 a.m.24 views

SuSE 11.1 Security Update : openLDAP (SAT Patch Number 2551)

Several issues have been fixed in OpenLDAP : - specially crafted MODRDN operations can crash the OpenLDAP server. CVE-2010-0211 / CVE-2010-0212 - syncrepl might loose deletes in refreshAndPersist mode %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in...

9.8CVSS8.2AI score0.29238EPSS
Exploits2References6
exploitpack
exploitpack
added 2011/01/03 12:0 a.m.14 views

OpenLDAP 2.4.x - modrdn NULL OldDN Remote Denial of Service

OpenLDAP 2.4.x - modrdn NULL OldDN Remote Denial of Service source: https://www.securityfocus.com/bid/46831/info OpenLDAP is prone to a remote denial-of-service vulnerability that affects the 'modify relative distinguished name' modrdn command. Attackers can exploit this issue to deny service to...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2011/01/03 12:0 a.m.29 views

OpenLDAP 2.4.x - 'modrdn' NULL OldDN Remote Denial of Service

source: https://www.securityfocus.com/bid/46831/info OpenLDAP is prone to a remote denial-of-service vulnerability that affects the 'modify relative distinguished name' modrdn command. Attackers can exploit this issue to deny service to legitimate users by crashing affected 'slapd' servers...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2010/12/02 12:0 a.m.27 views

SuSE 11 Security Update : openLDAP (SAT Patch Number 2552)

Several issues have been fixed in OpenLDAP : - specially crafted MODRDN operations can crash the OpenLDAP server. CVE-2010-0211 / CVE-2010-0212 - syncrepl might loose deletes in refreshAndPersist mode - DoS when handling 0-bytes %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive...

9.8CVSS8.2AI score0.29238EPSS
Exploits2References7
Check Point Advisories
Check Point Advisories
added 2010/10/13 12:0 a.m.1 views

OpenLDAP Modrdn RDN UTF-8 String Code Execution (CVE-2010-0211)

OpenLDAP is an open-source implementation of the Lightweight Directory Access Protocol LDAP service. On a default installation, the OpenLDAP server uses TCP port 389 for communication. A remote code execution vulnerability has been reported in OpenLDAP. The vulnerability is due to a memory...

5CVSS9.5AI score0.29238EPSS
Exploits1
Check Point Advisories
Check Point Advisories
added 2010/10/13 12:0 a.m.9 views

OpenLDAP Modrdn RDN NULL String Denial of Service (CVE-2010-0212)

OpenLDAP is an open-source implementation of the Lightweight Directory Access Protocol LDAP service. On a default installation, the OpenLDAP server uses TCP port 389 for communication. A remote code execution vulnerability has been reported in OpenLDAP. The vulnerability is due to a memory...

5CVSS9.5AI score0.06221EPSS
Exploits1
Rows per page
Query Builder