18 matches found
SUSE CVE-2026-11884
A heap buffer overflow flaw was found in 389 Directory Server. When serializing objectclass definitions, the ocsuperior SUP field length is omitted from buffer size calculations in readschemadse and schemaoctostring, but the field is still written via strcat. An attacker with Directory Manager...
Linux Distros Unpatched Vulnerability : CVE-2026-11884
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap buffer overflow flaw was found in 389 Directory Server. When serializing objectclass definitions, the ocsuperior SUP field length is omitted from buffer...
CVE-2026-11884
A heap buffer overflow flaw was found in 389 Directory Server. When serializing objectclass definitions, the ocsuperior SUP field length is omitted from buffer size calculations in readschemadse and schemaoctostring, but the field is still written via strcat. An attacker with Directory Manager...
EUVD-2026-36045
A heap buffer overflow flaw was found in 389 Directory Server. When serializing objectclass definitions, the ocsuperior SUP field length is omitted from buffer size calculations in readschemadse and schemaoctostring, but the field is still written via strcat. An attacker with Directory Manager...
CVE-2026-11884 389-ds-base: 389-ds-base: heap buffer overflow in schema objectclass serialization due to missing oc_superior in size calculation
A heap buffer overflow flaw was found in 389 Directory Server. When serializing objectclass definitions, the ocsuperior SUP field length is omitted from buffer size calculations in readschemadse and schemaoctostring, but the field is still written via strcat. An attacker with Directory Manager...
CVE-2026-11884 389-ds-base: 389-ds-base: heap buffer overflow in schema objectclass serialization due to missing oc_superior in size calculation
A heap buffer overflow flaw was found in 389 Directory Server. When serializing objectclass definitions, the ocsuperior SUP field length is omitted from buffer size calculations in readschemadse and schemaoctostring, but the field is still written via strcat. An attacker with Directory Manager...
CVE-2026-11884
389 Directory Server suffers a heap buffer overflow in schema objectclass serialization (oc_superior field) due to omitted length in size calculations during read_schema_dse() and schema_oc_to_string(). The SUP field is still written with strcat(), enabling an attacker with Directory Manager priv...
CVE-2026-11884
A heap buffer overflow flaw was found in 389 Directory Server. When serializing objectclass definitions, the ocsuperior SUP field length is omitted from buffer size calculations in readschemadse and schemaoctostring, but the field is still written via strcat. An attacker with Directory Manager...
PT-2026-48432
Name of the Vulnerable Software and Affected Versions 389 Directory Server affected versions not specified Description A heap buffer overflow occurs during the serialization of objectclass definitions. The length of the oc superior SUP field is omitted from buffer size calculations within the rea...
EUVD-2013-5992
Malware in sbrugna...
SUSE CVE-2013-0172
Samba 4.0.x before 4.0.1, in certain Active Directory domain-controller configurations, does not properly interpret Access Control Entries that are based on an objectClass, which allows remote authenticated users to bypass intended restrictions on modifying LDAP directory objects by leveraging 1...
Samba 4.0.0 Bypass Restriction Vulnerability (CVE-2013-0172)
Samba 4.0.0 as an AD DC may provide authenticated users with write access to LDAP directory objects. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
JetError -1404, JET_errIndexNotFound, No such index
Challenge When trying to open a database in VEAD, you receive the following error message: JetError -1404, JETerrIndexNotFound, No such index Solution Log in to the domain controller from which you are trying to restore the database, run cmd as Administrator and run the following: 1. Type regsvr3...
CVE-2013-6163
Multiple cross-site scripting XSS vulnerabilities in ProjeQtOr formerly Project'Or RIA before 4.0.0 allow remote attackers to inject arbitrary web script or HTML via the 1 type parameter to view/parameter.php, 2 p1value parameter to view/main.php, or 3 objectClass parameter to view/objectDetail.p...
CVE-2013-0172
Samba 4.0.x before 4.0.1, in certain Active Directory domain-controller configurations, does not properly interpret Access Control Entries that are based on an objectClass, which allows remote authenticated users to bypass intended restrictions on modifying LDAP directory objects by leveraging 1...
Design/Logic Flaw
Samba 4.0.x before 4.0.1, in certain Active Directory domain-controller configurations, does not properly interpret Access Control Entries that are based on an objectClass, which allows remote authenticated users to bypass intended restrictions on modifying LDAP directory objects by leveraging 1...
A Samba AD DC may provide authenticated users with
Description In AD, Access Control Entries can be assigned based on the objectClass of the object. If a user or a group the user is a member of has any access based on the objectClass, then that user has write access to that object. Additionally, if a user has write access to any attribute on the...
OS Identification : LDAP
The remote operating system can be identified through its response to a search request with a filter set to 'objectClass='. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid58076; scriptversion"1.4"; scriptcvsdate"Date: 2020/01/22"; scriptnameenglish:"OS Identification...