CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 0CVE-2017-14159
https://notcve.org/view.php?id=CVE-2017-14159
05 Sep 2017 — slapd in OpenLDAP 2.4.45 and earlier creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill `cat /pathname`" command, as demonstrated by openldap-initscript. slapd en OpenLDAP en su versión 2.4.45 y anteriores crea un archivo PID tras eliminar privilegios a una cuenta no-root, lo que podría permitir que usuarios locales terminen ... • http://www.openldap.org/its/index.cgi?findid=8703 • CWE-665: Improper Initialization •
CVSS: 6.5EPSS: 42%CPEs: 16EXPL: 1CVE-2017-9287 – openldap: Double free vulnerability in servers/slapd/back-mdb/search.c
https://notcve.org/view.php?id=CVE-2017-9287
29 May 2017 — servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to a double free vulnerability. A user with access to search the directory can crash slapd by issuing a search including the Paged Results control with a page size of 0. servers/slapd/back-mdb/search.c en OpenLDAP hasta la versión 2.4.44 es propenso a una doble vulnerabilidad de liberación de memoria. Un usuario con acceso para buscar en el directorio puede hacer que slapd deje de funcionar al emitir una búsqueda que incluya el control Page... • http://www.debian.org/security/2017/dsa-3868 • CWE-415: Double Free CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 18EXPL: 0CVE-2015-3276 – openldap: incorrect multi-keyword mode cipherstring parsing
https://notcve.org/view.php?id=CVE-2015-3276
20 Nov 2015 — The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors. La función nss_parse_ciphers en libraries/libldap/tls_m.c en OpenLDAP no analiza adecuadamente cadenas de cifrado en modo multiclave de estilo OpenSSL, lo que podría provocar el uso de un cifrado más débil que el previsto y permitir ... • http://rhn.redhat.com/errata/RHSA-2015-2131.html • CWE-682: Incorrect Calculation •
CVSS: 5.3EPSS: 94%CPEs: 2EXPL: 2CVE-2015-6908 – OpenLDAP 2.4.42 - ber_get_next Denial of Service
https://notcve.org/view.php?id=CVE-2015-6908
11 Sep 2015 — The ber_get_next function in libraries/liblber/io.c in OpenLDAP 2.4.42 and earlier allows remote attackers to cause a denial of service (reachable assertion and application crash) via crafted BER data, as demonstrated by an attack against slapd. Vulnerabilidad en la función ber_get_next en libraries/liblber/io.c en OpenLDAP 2.4.42 y versiones anteriores, permite a atacantes remotos causar una denegación de servicio (aserción accesible y caída de la aplicación) a través de datos BER manipulados, según lo dem... • https://www.exploit-db.com/exploits/38145 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 94%CPEs: 33EXPL: 0CVE-2013-4449 – openldap: segfault on certain queries with rwm overlay
https://notcve.org/view.php?id=CVE-2013-4449
03 Feb 2014 — The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not properly count references, which allows remote attackers to cause a denial of service (slapd crash) by unbinding immediately after a search request, which triggers rwm_conn_destroy to free the session context while it is being used by rwm_op_search. El overlay rwm en OpenLDAP 2.4.23, 2.4.36 y anteriores no cuenta debidamente las referencias, lo que permite a atacantes remotos causar una denegación de servicio (caída de slapd) mediante la desvi... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 2%CPEs: 24EXPL: 0CVE-2012-1164 – (slapd): Assertion failure by processing search queries requesting only attributes for particular entry
https://notcve.org/view.php?id=CVE-2012-1164
29 Jun 2012 — slapd in OpenLDAP before 2.4.30 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an LDAP search query with attrsOnly set to true, which causes empty attributes to be returned. slapd de OpenLDAP anteriores a 2.4.30 permite a atacantes remotos provocar una denegación de servicio (fallo de aserción y finalización del demonio) a través de una petición de búsqueda LDAP con attrsOnly asignado a "true", lo que provoca que atributos vacíos sean devueltos. It was discovere... • http://rhn.redhat.com/errata/RHSA-2012-0899.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 26EXPL: 0CVE-2012-2668 – openldap: does not honor TLSCipherSuite settings
https://notcve.org/view.php?id=CVE-2012-2668
17 Jun 2012 — libraries/libldap/tls_m.c in OpenLDAP, possibly 2.4.31 and earlier, when using the Mozilla NSS backend, always uses the default cipher suite even when TLSCipherSuite is set, which might cause OpenLDAP to use weaker ciphers than intended and make it easier for remote attackers to obtain sensitive information. libraries/libldap/tls_m.c en OpenLDAP, posiblemente v2.4.31 y anteriores, cuando se utiliza el "backend" de Mozilla NSS, siempre utiliza la suite de cifrado por defecto incluso cuando TLSCipherSuite est... • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=676309 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 4%CPEs: 175EXPL: 0CVE-2011-4079 – Gentoo Linux Security Advisory 201406-36
https://notcve.org/view.php?id=CVE-2011-4079
27 Oct 2011 — Off-by-one error in the UTF8StringNormalize function in OpenLDAP 2.4.26 and earlier allows remote attackers to cause a denial of service (slapd crash) via a zero-length string that triggers a heap-based buffer overflow, as demonstrated using an empty postalAddressAttribute value in an LDIF entry. Error por un paso en la función UTF8StringNormalize en OpenLDAP 2.4.26 y versiones anteriores permite a atacantes remotos provocar una denegación de servicio (caída de slapd) a través de una cadena de longitud cero... • http://secunia.com/advisories/46599 • CWE-189: Numeric Errors •
CVSS: 5.9EPSS: 0%CPEs: 4EXPL: 0CVE-2009-3767 – OpenLDAP: Doesn't properly handle NULL character in subject Common Name
https://notcve.org/view.php?id=CVE-2009-3767
23 Oct 2009 — libraries/libldap/tls_o.c in OpenLDAP 2.2 and 2.4, and possibly other versions, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. libraries/libldap/tls_o.c en OpenLDAP, cuando se usa OpenSSL, no maneja de forma adecuada el caracter '\0'... • http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html • CWE-295: Improper Certificate Validation •
CVSS: 7.5EPSS: 82%CPEs: 47EXPL: 1CVE-2008-2952 – OpenLDAP BER Decoding Remote DoS Vulnerability
https://notcve.org/view.php?id=CVE-2008-2952
01 Jul 2008 — liblber/io.c in OpenLDAP 2.2.4 to 2.4.10 allows remote attackers to cause a denial of service (program termination) via crafted ASN.1 BER datagrams that trigger an assertion error. El archivo liblber/io.c en OpenLDAP versiones 2.2.4 hasta 2.4.10, permite a los atacantes remotos causar una denegación de servicio (finalización del programa) por medio de datagramas ASN.1 BER diseñados que desencadenan un error de aserción. This vulnerability allows remote attackers to deny services on vulnerable installations ... • https://www.exploit-db.com/exploits/32000 • CWE-399: Resource Management Errors •