NotCVE - vendor:"Redhat" product:"Directory Server" version:" <= 8.2"

Page 3 of 27 results (0.005 seconds)

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2008-0890 – 7.1: insecure default permissions on jars directory

https://notcve.org/view.php?id=CVE-2008-0890

12 Mar 2008 — Red Hat Directory Server 7.1 before SP4 uses insecure permissions for certain directories, which allows local users to modify JAR files and execute arbitrary code via unknown vectors. Red Hat Directory Server 7.1 anterior al SP4 usa permisos inseguros para ciertos directorios, lo que permite a usuarios locales modificar archivos JAR y ejecutar código de su elección mediante vectores no especificados. • http://secunia.com/advisories/29350 • CWE-264: Permissions, Privileges, and Access Controls CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 10.0EPSS: 34%CPEs: 1EXPL: 0

CVE-2004-1236

https://notcve.org/view.php?id=CVE-2004-1236

31 Dec 2004 — Buffer overflow in the LDAP component for Netscape Directory Server (NDS) 3.6 on HP-UX and other operating systems allows remote attackers to execute arbitrary code. • http://marc.info/?l=bugtraq&m=110384298016120 •

CVSS: 9.8EPSS: 3%CPEs: 93EXPL: 0

CVE-2004-0826

https://notcve.org/view.php?id=CVE-2004-0826

02 Sep 2004 — Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message. • http://marc.info/?l=bugtraq&m=109351293827731&w=2 •

CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 1

CVE-2001-0164

https://notcve.org/view.php?id=CVE-2001-0164

02 Jun 2001 — Buffer overflow in Netscape Directory Server 4.12 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a malformed recipient field. • http://www.atstake.com/research/advisories/2001/a030701-1.txt •

CVSS: 7.5EPSS: 3%CPEs: 2EXPL: 3

CVE-2000-1075 – iPlanet Certificate Management System 4.2 - Directory Traversal

https://notcve.org/view.php?id=CVE-2000-1075

11 Dec 2000 — Directory traversal vulnerability in iPlanet Certificate Management System 4.2 and Directory Server 4.12 allows remote attackers to read arbitrary files via a .. (dot dot) attack in the Agent, End Entity, or Administrator services. • https://www.exploit-db.com/exploits/20324 •

CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0

CVE-2000-1076

https://notcve.org/view.php?id=CVE-2000-1076

29 Nov 2000 — Netscape (iPlanet) Certificate Management System 4.2 and Directory Server 4.12 stores the administrative password in plaintext, which could allow local and possibly remote attackers to gain administrative privileges on the server. • http://archives.neohapsis.com/archives/bugtraq/2000-10/0383.html •

CVSS: 7.5EPSS: 5%CPEs: 22EXPL: 0

CVE-1999-0007

https://notcve.org/view.php?id=CVE-1999-0007

26 Jun 1998 — Information from SSL-encrypted sessions via PKCS #1. • https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-002 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •

1 2 3