EUVD-2019-4617

Malware in sbrugna...

RHEL 7 : openldap (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - openldap: ACL restrictions bypass due to saslssf value being set permanently CVE-2019-13565 -...

SUSE CVE-2019-13057

An issue was discovered in the server in OpenLDAP before 2.4.48. When the server administrator delegates rootDN database admin privileges for certain databases but wants to maintain isolation e.g., for multi-tenant deployments, slapd does not properly stop a rootDN from requesting authorization a...

OpenLDAP < 2.4.48 Multiple Vulnerabilities

OpenLDAP is prone to multiple vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Huawei EulerOS: Security Advisory for openldap (EulerOS-SA-2019-2358)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP2 : openldap (EulerOS-SA-2019-2358)

According to the versions of the openldap packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session encryption, and relying on the SASL security...

SUSE-SU-2019:2390-1 Security update for openldap2

This update for openldap2 fixes the following issues: Security issues fixed: - CVE-2019-13565: Fixed ssf memory reuse that leads to incorrect authorization of another connection, granting excess connection rights ssf bsc1143194. - CVE-2019-13057: Fixed rootDN of a backend that may proxyauth...

EulerOS Virtualization for ARM 64 3.0.2.0 : openldap (EulerOS-SA-2019-1939)

According to the version of the openldap packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - An issue was discovered in the server in OpenLDAP before 2.4.48. When the server administrator delegates rootDN databas...

MGASA-2019-0280 Updated openldap packages fix security vulnerabilities

Updated openldap packages fix security vulnerabilities: It was discovered that OpenLDAP incorrectly handled rootDN delegation. A database administrator could use this issue to request authorization as an identity from another database, contrary to expectations CVE-2019-13057. It was discovered th...

Updated openldap packages fix security vulnerabilities

Updated openldap packages fix security vulnerabilities: It was discovered that OpenLDAP incorrectly handled rootDN delegation. A database administrator could use this issue to request authorization as an identity from another database, contrary to expectations CVE-2019-13057. It was discovered th...

USN-4078-2 openldap vulnerabilities

USN-4078-1 fixed several vulnerabilities in openldap. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that OpenLDAP incorrectly handled rootDN delegation. A database administrator could use this issue to request...

USN-4078-1: OpenLDAP vulnerabilities

It was discovered that OpenLDAP incorrectly handled rootDN delegation. A database administrator could use this issue to request authorization as an identity from another database, contrary to expectations. CVE-2019-13057 It was discovered that OpenLDAP incorrectly handled SASL authentication and...

CVE-2019-13057

An issue was discovered in the server in OpenLDAP before 2.4.48. When the server administrator delegates rootDN database admin privileges for certain databases but wants to maintain isolation e.g., for multi-tenant deployments, slapd does not properly stop a rootDN from requesting authorization a...

CVE-2019-13057

An issue was discovered in the server in OpenLDAP before 2.4.48. When the server administrator delegates rootDN database admin privileges for certain databases but wants to maintain isolation e.g., for multi-tenant deployments, slapd does not properly stop a rootDN from requesting authorization a...

Design/Logic Flaw

Unspecified vulnerability in Solaris 8 and 9 allows local users to obtain the LDAP Directory Server root Distinguished Name rootDN password when a privileged user 1 runs idsconfig; or "insecurely" runs LDAP2 commands with the -w option, including 2 ldapadd, 3 ldapdelete, 4 ldapmodify, 5 ldapmodrd...

CVE-2006-1782

Unspecified vulnerability in Solaris 8 and 9 allows local users to obtain the LDAP Directory Server root Distinguished Name rootDN password when a privileged user 1 runs idsconfig; or "insecurely" runs LDAP2 commands with the -w option, including 2 ldapadd, 3 ldapdelete, 4 ldapmodify, 5 ldapmodrd...