Lucene search
K

18 matches found

SUSE CVE
SUSE CVE
added 2026/06/12 2:31 a.m.11 views

SUSE CVE-2026-11884

A heap buffer overflow flaw was found in 389 Directory Server. When serializing objectclass definitions, the ocsuperior SUP field length is omitted from buffer size calculations in readschemadse and schemaoctostring, but the field is still written via strcat. An attacker with Directory Manager...

6.5CVSS5.7AI score0.00349EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-11884

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap buffer overflow flaw was found in 389 Directory Server. When serializing objectclass definitions, the ocsuperior SUP field length is omitted from buffer...

6.5CVSS5.7AI score0.00349EPSS
Exploits0References4
NVD
NVD
added 2026/06/10 3:16 p.m.11 views

CVE-2026-11884

A heap buffer overflow flaw was found in 389 Directory Server. When serializing objectclass definitions, the ocsuperior SUP field length is omitted from buffer size calculations in readschemadse and schemaoctostring, but the field is still written via strcat. An attacker with Directory Manager...

6.5CVSS0.00349EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/10 2:7 p.m.8 views

EUVD-2026-36045

A heap buffer overflow flaw was found in 389 Directory Server. When serializing objectclass definitions, the ocsuperior SUP field length is omitted from buffer size calculations in readschemadse and schemaoctostring, but the field is still written via strcat. An attacker with Directory Manager...

7.2CVSS5.7AI score0.01038EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/10 2:7 p.m.33 views

CVE-2026-11884 389-ds-base: 389-ds-base: heap buffer overflow in schema objectclass serialization due to missing oc_superior in size calculation

A heap buffer overflow flaw was found in 389 Directory Server. When serializing objectclass definitions, the ocsuperior SUP field length is omitted from buffer size calculations in readschemadse and schemaoctostring, but the field is still written via strcat. An attacker with Directory Manager...

6.5CVSS0.00349EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/10 2:7 p.m.8 views

CVE-2026-11884 389-ds-base: 389-ds-base: heap buffer overflow in schema objectclass serialization due to missing oc_superior in size calculation

A heap buffer overflow flaw was found in 389 Directory Server. When serializing objectclass definitions, the ocsuperior SUP field length is omitted from buffer size calculations in readschemadse and schemaoctostring, but the field is still written via strcat. An attacker with Directory Manager...

6.5CVSS5.7AI score0.00349EPSS
Exploits0References3
CVE
CVE
added 2026/06/10 2:7 p.m.20 views

CVE-2026-11884

389 Directory Server suffers a heap buffer overflow in schema objectclass serialization (oc_superior field) due to omitted length in size calculations during read_schema_dse() and schema_oc_to_string(). The SUP field is still written with strcat(), enabling an attacker with Directory Manager priv...

6.5CVSS5.7AI score0.00349EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/10 2:7 p.m.8 views

CVE-2026-11884

A heap buffer overflow flaw was found in 389 Directory Server. When serializing objectclass definitions, the ocsuperior SUP field length is omitted from buffer size calculations in readschemadse and schemaoctostring, but the field is still written via strcat. An attacker with Directory Manager...

6.5CVSS5.7AI score0.00349EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.13 views

PT-2026-48432

Name of the Vulnerable Software and Affected Versions 389 Directory Server affected versions not specified Description A heap buffer overflow occurs during the serialization of objectclass definitions. The length of the oc superior SUP field is omitted from buffer size calculations within the rea...

6.5CVSS6.2AI score0.00349EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2013-5992

Malware in sbrugna...

4.3CVSS6.4AI score0.01713EPSS
Exploits2References12
SUSE CVE
SUSE CVE
added 2023/02/15 5:42 a.m.2 views

SUSE CVE-2013-0172

Samba 4.0.x before 4.0.1, in certain Active Directory domain-controller configurations, does not properly interpret Access Control Entries that are based on an objectClass, which allows remote authenticated users to bypass intended restrictions on modifying LDAP directory objects by leveraging 1...

3.5CVSS6.8AI score0.02426EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2021/09/24 12:0 a.m.19 views

Samba 4.0.0 Bypass Restriction Vulnerability (CVE-2013-0172)

Samba 4.0.0 as an AD DC may provide authenticated users with write access to LDAP directory objects. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

3.5CVSS6.3AI score0.02426EPSS
Exploits0References1
Veeam
Veeam
added 2014/04/21 12:0 a.m.60 views

JetError -1404, JET_errIndexNotFound, No such index

Challenge When trying to open a database in VEAD, you receive the following error message: JetError -1404, JETerrIndexNotFound, No such index Solution Log in to the domain controller from which you are trying to restore the database, run cmd as Administrator and run the following: 1. Type regsvr3...

7AI score
Exploits0
NVD
NVD
added 2013/11/14 8:55 p.m.26 views

CVE-2013-6163

Multiple cross-site scripting XSS vulnerabilities in ProjeQtOr formerly Project'Or RIA before 4.0.0 allow remote attackers to inject arbitrary web script or HTML via the 1 type parameter to view/parameter.php, 2 p1value parameter to view/main.php, or 3 objectClass parameter to view/objectDetail.p...

4.3CVSS5.7AI score0.01713EPSS
Exploits2References10
ATTACKERKB
ATTACKERKB
added 2013/01/17 9:55 p.m.4 views

CVE-2013-0172

Samba 4.0.x before 4.0.1, in certain Active Directory domain-controller configurations, does not properly interpret Access Control Entries that are based on an objectClass, which allows remote authenticated users to bypass intended restrictions on modifying LDAP directory objects by leveraging 1...

3.5CVSS5.6AI score0.02426EPSS
Exploits0References2
Prion
Prion
added 2013/01/17 9:55 p.m.23 views

Design/Logic Flaw

Samba 4.0.x before 4.0.1, in certain Active Directory domain-controller configurations, does not properly interpret Access Control Entries that are based on an objectClass, which allows remote authenticated users to bypass intended restrictions on modifying LDAP directory objects by leveraging 1...

3.5CVSS6.7AI score0.02426EPSS
Exploits0References1Affected Software1
Samba
Samba
added 2013/01/15 12:0 a.m.130 views

A Samba AD DC may provide authenticated users with

Description In AD, Access Control Entries can be assigned based on the objectClass of the object. If a user or a group the user is a member of has any access based on the objectClass, then that user has write access to that object. Additionally, if a user has write access to any attribute on the...

3.5CVSS7.6AI score0.02426EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2012/02/21 12:0 a.m.31 views

OS Identification : LDAP

The remote operating system can be identified through its response to a search request with a filter set to 'objectClass='. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid58076; scriptversion"1.4"; scriptcvsdate"Date: 2020/01/22"; scriptnameenglish:"OS Identification...

5.6AI score
Exploits0
Rows per page
Query Builder