3 results (0.010 seconds)

CVSS: 5.0EPSS: 0%CPEs: 7EXPL: 0

Multiple unspecified vulnerabilities in (1) ns-slapd and (2) slapd.exe in Sun Directory Server Enterprise Edition 7.0, Sun Java System Directory Server 5.2, and Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 allow remote attackers to cause a denial of service (daemon crash) via a crafted LDAP search request. Múltiples vulnerabilidades sin especificar en (1) ns-slapd y (2) slapd.exe en Sun Directory Server Enterprise Edition v7.0, Sun Java System Directory Server v5.2, y Sun Java System Directory Server Enterprise Edition v6.0 a la v6.3.1, permite a atacantes remotos provocar una denegación de servicio (caída de demonio) a través de una petición de búsqueda manipulada en el LDAP. • http://sunsolve.sun.com/search/document.do?assetkey=1-21-143884-01-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-275711-1 http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021788.1-1 https://exchange.xforce.ibmcloud.com/vulnerabilities/56603 •

CVSS: 5.0EPSS: 4%CPEs: 1EXPL: 3

The core_get_proxyauth_dn function in ns-slapd in Sun Java System Directory Server Enterprise Edition 7.0 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted LDAP Search Request message. La función core_get_proxyauth_dn en ns-slapd en Sun Java System Directory Server Enterprise Edition v7.0, permite a atacantes remotos provocar una denegación de servicio (deferencia a puntero NULL y caída de demonio) a través de un mensaje LDAP Search Request manipulado. • https://www.exploit-db.com/exploits/33483 http://intevydis.blogspot.com/2010/01/sun-directory-server-70.html http://secunia.com/advisories/37978 http://securitytracker.com/id?1023431 http://www.securityfocus.com/bid/37699 http://www.vupen.com/english/advisories/2010/0085 https://exchange.xforce.ibmcloud.com/vulnerabilities/55511 •

CVSS: 7.5EPSS: 3%CPEs: 93EXPL: 0

Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message. • http://marc.info/?l=bugtraq&m=109351293827731&w=2 http://www.securityfocus.com/bid/11015 http://xforce.iss.net/xforce/alerts/id/180 https://exchange.xforce.ibmcloud.com/vulnerabilities/16314 •