CVSS: 7.5EPSS: 2%CPEs: 18EXPL: 0CVE-2015-3276 – openldap: incorrect multi-keyword mode cipherstring parsing
https://notcve.org/view.php?id=CVE-2015-3276
20 Nov 2015 — The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors. La función nss_parse_ciphers en libraries/libldap/tls_m.c en OpenLDAP no analiza adecuadamente cadenas de cifrado en modo multiclave de estilo OpenSSL, lo que podría provocar el uso de un cifrado más débil que el previsto y permitir ... • http://rhn.redhat.com/errata/RHSA-2015-2131.html • CWE-682: Incorrect Calculation •
CVSS: 5.3EPSS: 61%CPEs: 2EXPL: 2CVE-2015-6908 – OpenLDAP 2.4.42 - ber_get_next Denial of Service
https://notcve.org/view.php?id=CVE-2015-6908
11 Sep 2015 — The ber_get_next function in libraries/liblber/io.c in OpenLDAP 2.4.42 and earlier allows remote attackers to cause a denial of service (reachable assertion and application crash) via crafted BER data, as demonstrated by an attack against slapd. Vulnerabilidad en la función ber_get_next en libraries/liblber/io.c en OpenLDAP 2.4.42 y versiones anteriores, permite a atacantes remotos causar una denegación de servicio (aserción accesible y caída de la aplicación) a través de datos BER manipulados, según lo dem... • https://www.exploit-db.com/exploits/38145 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 77%CPEs: 33EXPL: 0CVE-2013-4449 – openldap: segfault on certain queries with rwm overlay
https://notcve.org/view.php?id=CVE-2013-4449
03 Feb 2014 — The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not properly count references, which allows remote attackers to cause a denial of service (slapd crash) by unbinding immediately after a search request, which triggers rwm_conn_destroy to free the session context while it is being used by rwm_op_search. El overlay rwm en OpenLDAP 2.4.23, 2.4.36 y anteriores no cuenta debidamente las referencias, lo que permite a atacantes remotos causar una denegación de servicio (caída de slapd) mediante la desvi... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 15%CPEs: 24EXPL: 0CVE-2012-1164 – (slapd): Assertion failure by processing search queries requesting only attributes for particular entry
https://notcve.org/view.php?id=CVE-2012-1164
29 Jun 2012 — slapd in OpenLDAP before 2.4.30 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an LDAP search query with attrsOnly set to true, which causes empty attributes to be returned. slapd de OpenLDAP anteriores a 2.4.30 permite a atacantes remotos provocar una denegación de servicio (fallo de aserción y finalización del demonio) a través de una petición de búsqueda LDAP con attrsOnly asignado a "true", lo que provoca que atributos vacíos sean devueltos. It was discovere... • http://rhn.redhat.com/errata/RHSA-2012-0899.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 26EXPL: 0CVE-2012-2668 – openldap: does not honor TLSCipherSuite settings
https://notcve.org/view.php?id=CVE-2012-2668
17 Jun 2012 — libraries/libldap/tls_m.c in OpenLDAP, possibly 2.4.31 and earlier, when using the Mozilla NSS backend, always uses the default cipher suite even when TLSCipherSuite is set, which might cause OpenLDAP to use weaker ciphers than intended and make it easier for remote attackers to obtain sensitive information. libraries/libldap/tls_m.c en OpenLDAP, posiblemente v2.4.31 y anteriores, cuando se utiliza el "backend" de Mozilla NSS, siempre utiliza la suite de cifrado por defecto incluso cuando TLSCipherSuite est... • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=676309 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 6%CPEs: 175EXPL: 0CVE-2011-4079 – Gentoo Linux Security Advisory 201406-36
https://notcve.org/view.php?id=CVE-2011-4079
27 Oct 2011 — Off-by-one error in the UTF8StringNormalize function in OpenLDAP 2.4.26 and earlier allows remote attackers to cause a denial of service (slapd crash) via a zero-length string that triggers a heap-based buffer overflow, as demonstrated using an empty postalAddressAttribute value in an LDIF entry. Error por un paso en la función UTF8StringNormalize en OpenLDAP 2.4.26 y versiones anteriores permite a atacantes remotos provocar una denegación de servicio (caída de slapd) a través de una cadena de longitud cero... • http://secunia.com/advisories/46599 • CWE-189: Numeric Errors •
CVSS: 5.9EPSS: 1%CPEs: 4EXPL: 0CVE-2009-3767 – OpenLDAP: Doesn't properly handle NULL character in subject Common Name
https://notcve.org/view.php?id=CVE-2009-3767
23 Oct 2009 — libraries/libldap/tls_o.c in OpenLDAP 2.2 and 2.4, and possibly other versions, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. libraries/libldap/tls_o.c en OpenLDAP, cuando se usa OpenSSL, no maneja de forma adecuada el caracter '\0'... • http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html • CWE-295: Improper Certificate Validation •
CVSS: 8.1EPSS: 4%CPEs: 1EXPL: 0CVE-2007-6698 – openldap: slapd crash on NOOP control operation on entry in bdb storage
https://notcve.org/view.php?id=CVE-2007-6698
01 Feb 2008 — The BDB backend for slapd in OpenLDAP before 2.3.36 allows remote authenticated users to cause a denial of service (crash) via a potentially-successful modify operation with the NOOP control set to critical, possibly due to a double free vulnerability. El backend de BDB para slapd en OpenLDAP versiones anteriores a 2.3.36, permite a los usuarios autenticados remotos causar una denegación de servicio (bloqueo) por medio de una operación de modificación potencialmente con éxito con el control NOOP establecido... • http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 5%CPEs: 119EXPL: 0CVE-2007-5707 – openldap slapd DoS via objectClasses attribute
https://notcve.org/view.php?id=CVE-2007-5707
30 Oct 2007 — OpenLDAP before 2.3.39 allows remote attackers to cause a denial of service (slapd crash) via an LDAP request with a malformed objectClasses attribute. NOTE: this has been reported as a double free, but the reports are inconsistent. OpenLDAP versiones anteriores a 2.3.39, permite a atacantes remotos causar una denegación de servicio (bloqueo de slapd) por medio de una petición LDAP con un atributo objectClasses malformado. NOTA: esto ha sido reportado como doble liberación, pero los reportes son incoherente... • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=440632 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 2%CPEs: 119EXPL: 0CVE-2007-5708
https://notcve.org/view.php?id=CVE-2007-5708
30 Oct 2007 — slapo-pcache (overlays/pcache.c) in slapd in OpenLDAP before 2.3.39, when running as a proxy-caching server, allocates memory using a malloc variant instead of calloc, which prevents an array from being initialized properly and might allow attackers to cause a denial of service (segmentation fault) via unknown vectors that prevent the array from being null terminated. slapo-pcache (overlays/pcache.c) en slapd en OpenLDAP versiones anteriores a 2.3.39, cuando es ejecutado como un servidor de almacenamiento e... • http://secunia.com/advisories/27424 • CWE-399: Resource Management Errors •