2 matches found
UBUNTU-CVE-2026-11774
An integer overflow flaw was found in the SASL I/O layer of 389 Directory Server 389-ds-base. In sasliostartpacket, adding sizeofuint32t to a crafted SASL packet length prefix of 0xFFFFFFFC causes unsigned wraparound to zero, bypassing the nsslapd-maxsasliosize limit and leading to a heap buffer...
Arbitrary Code Execution
redhat-idm-console is vulnerable to arbitrary code execution. When running on Red Hat Enterprise Linux, Red Hat Directory Server 8.0 used insecure permissions on the redhat-idm-console startup script. Local users could modify this script and run arbitrary code with the privileges of the user...