CVE-2008-2930 – RedHat 8/9 - Directory Server Crafted Search Pattern Denial of Service
https://notcve.org/view.php?id=CVE-2008-2930
Red Hat Directory Server 7.1 before SP7, Red Hat Directory Server 8, and Fedora Directory Server 1.1.1 allow remote attackers to cause a denial of service (CPU consumption and search outage) via crafted LDAP search requests with patterns, related to a single-threaded regular-expression subsystem. Red Hat Directory Server 7.1 anteriores al SP7, Red Hat Directory Server 8, y Fedora Directory Server 1.1.1 permiten a atacantes remotos provocar una denegación de servicio (consumo de CPU y agotamiento de búsqueda) a través de una petición de búsqueda LDAP manipulada con patrones, relativos a los subsistemas de hilo-simple y expresión-regular. • https://www.exploit-db.com/exploits/32304 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01532861 http://secunia.com/advisories/31565 http://secunia.com/advisories/31627 http://secunia.com/advisories/31702 http://secunia.com/advisories/31867 http://securitytracker.com/id?1020773 http://www.redhat.com/docs/manuals/dir-server/release-notes/7.1SP7/index.html http://www.redhat.com/support/errata/RHSA-2008-0602.html http://www.redhat.com/support/errata/RHSA& • CWE-399: Resource Management Errors •
CVE-2008-2929 – Server: multiple XSS issues
https://notcve.org/view.php?id=CVE-2008-2929
Multiple cross-site scripting (XSS) vulnerabilities in the adminutil library in the Directory Server Administration Express and Directory Server Gateway (DSGW) web interface in Red Hat Directory Server 7.1 before SP7 and 8 EL4 and EL5, and Fedora Directory Server, allow remote attackers to inject arbitrary web script or HTML via input values that use % (percent) escaping. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en la biblioteca adminutil del interface web de Directory Server Administration Express y Directory Server Gateway (DSGW) en Red Hat Directory Server 7.1 anteriores al SP7 y 8 EL4 y EL5, y Fedora Directory Server, permite a atacantes remotos inyectar web script o HTML de su elección a través de valores de entrada que utilizan el carácter de escape %. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01532861 http://secunia.com/advisories/31565 http://secunia.com/advisories/31612 http://secunia.com/advisories/31702 http://secunia.com/advisories/31777 http://securitytracker.com/id?1020772 http://www.redhat.com/docs/manuals/dir-server/release-notes/7.1SP7/index.html http://www.securityfocus.com/bid/30870 http://www.vupen.com/english/advisories/2008/2480 https://bugzilla.redhat.com/show_bug.cgi?id=454621 ht • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2008-3283 – Server: multiple memory leaks
https://notcve.org/view.php?id=CVE-2008-3283
Multiple memory leaks in Red Hat Directory Server 7.1 before SP7, Red Hat Directory Server 8, and Fedora Directory Server 1.1.1 and earlier allow remote attackers to cause a denial of service (memory consumption) via vectors involving (1) the authentication / bind phase and (2) anonymous LDAP search requests. Múltiples fugas de memoria en Red Hat Directory Server 7.1 anteriores al SP7, Red Hat Directory Server 8, y Fedora Directory Server 1.1.1 y anteriores, permiten a atacantes remotos provocar una denegación de servicio (consumo de memoria) a través de vectores que involucran: (1) la fase de autenticación/asignación y (2) peticiones de búsqueda LDAP anónimas. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01532861 http://secunia.com/advisories/31565 http://secunia.com/advisories/31627 http://secunia.com/advisories/31702 http://secunia.com/advisories/31867 http://secunia.com/advisories/31913 http://securitytracker.com/id?1020774 http://www.redhat.com/docs/manuals/dir-server/release-notes/7.1SP7/index.html http://www.redhat.com/support/errata/RHSA-2008-0602.html http://www.redhat.com/support/errata/RHSA-2008-0 • CWE-399: Resource Management Errors CWE-401: Missing Release of Memory after Effective Lifetime •
CVE-2008-2928 – Server: CGI accept language buffer overflow
https://notcve.org/view.php?id=CVE-2008-2928
Multiple buffer overflows in the adminutil library in CGI applications in Red Hat Directory Server 7.1 before SP7 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted Accept-Language HTTP header. Múltiples desbordamiento de búfer en la biblioteca adminutil de aplicaciones CGI en Red Hat Directory Server 7.1 anteriores a SP7, permiten a atacantes remotos provocar una denegación de servicio (caída de demonio) o posiblemente ejecución arbitraria de código a través de una cabecera http Accept languaje manipulada. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01532861 http://secunia.com/advisories/31565 http://secunia.com/advisories/31702 http://secunia.com/advisories/31777 http://securitytracker.com/id?1020771 http://www.redhat.com/docs/manuals/dir-server/release-notes/7.1SP7/index.html http://www.securityfocus.com/bid/30869 http://www.vupen.com/english/advisories/2008/2480 https://bugzilla.redhat.com/show_bug.cgi?id=453916 https://exchange.xforce.ibmcloud.com/vu • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2008-1677 – Server: insufficient buffer size for search patterns
https://notcve.org/view.php?id=CVE-2008-1677
Buffer overflow in the regular expression handler in Red Hat Directory Server 8.0 and 7.1 before SP6 allows remote attackers to cause a denial of service (slapd crash) and possibly execute arbitrary code via a crafted LDAP query that triggers the overflow during translation to a regular expression. Desbordamiento de búfer en el controlador de expresiones regulares de Red Hat Directory Server 8.0 y 7.1 anterior a SP6 permite a atacantes remotos provocar una denegación de servicio (caída de slapd) y posiblemente ejecutar código de su elección mediante una consulta LDAP manipulada que dispara el desbordamiento durante la traducción a una expresión regular. • http://secunia.com/advisories/30181 http://secunia.com/advisories/30185 http://www.redhat.com/support/errata/RHSA-2008-0268.html http://www.redhat.com/support/errata/RHSA-2008-0269.html http://www.securityfocus.com/bid/29126 http://www.securitytracker.com/id?1020001 https://bugzilla.redhat.com/show_bug.cgi?id=444712 https://exchange.xforce.ibmcloud.com/vulnerabilities/42332 https://access.redhat.com/security/cve/CVE-2008-1677 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •