CVSS: 5.9EPSS: 1%CPEs: 4EXPL: 0CVE-2009-3767 – OpenLDAP: Doesn't properly handle NULL character in subject Common Name
https://notcve.org/view.php?id=CVE-2009-3767
23 Oct 2009 — libraries/libldap/tls_o.c in OpenLDAP 2.2 and 2.4, and possibly other versions, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. libraries/libldap/tls_o.c en OpenLDAP, cuando se usa OpenSSL, no maneja de forma adecuada el caracter '\0'... • http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html • CWE-295: Improper Certificate Validation •
CVSS: 7.5EPSS: 50%CPEs: 47EXPL: 1CVE-2008-2952 – OpenLDAP BER Decoding Remote DoS Vulnerability
https://notcve.org/view.php?id=CVE-2008-2952
01 Jul 2008 — liblber/io.c in OpenLDAP 2.2.4 to 2.4.10 allows remote attackers to cause a denial of service (program termination) via crafted ASN.1 BER datagrams that trigger an assertion error. El archivo liblber/io.c en OpenLDAP versiones 2.2.4 hasta 2.4.10, permite a los atacantes remotos causar una denegación de servicio (finalización del programa) por medio de datagramas ASN.1 BER diseñados que desencadenan un error de aserción. This vulnerability allows remote attackers to deny services on vulnerable installations ... • https://www.exploit-db.com/exploits/32000 • CWE-399: Resource Management Errors •
CVSS: 9.8EPSS: 2%CPEs: 119EXPL: 3CVE-2006-6493 – OpenLDAP 2.4.3 - 'KBIND' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2006-6493
13 Dec 2006 — Buffer overflow in the krbv4_ldap_auth function in servers/slapd/kerberos.c in OpenLDAP 2.4.3 and earlier, when OpenLDAP is compiled with the --enable-kbind (Kerberos KBIND) option, allows remote attackers to execute arbitrary code via an LDAP bind request using the LDAP_AUTH_KRBV41 authentication method and long credential data. Desbordamiento de búfer en la función krbv4_ldap_auth de servers/slapd/kerberos.c en OpenLDAP 2.4.3 y versiones anteriores, cuando el OpenLDAP es compilado con la opción kbind (Ker... • https://www.exploit-db.com/exploits/2933 •