Page 5 of 61 results (0.012 seconds)

CVSS: 4.9EPSS: 0%CPEs: 29EXPL: 0

An issue was discovered in the server in OpenLDAP before 2.4.48. When the server administrator delegates rootDN (database admin) privileges for certain databases but wants to maintain isolation (e.g., for multi-tenant deployments), slapd does not properly stop a rootDN from requesting authorization as an identity from another database during a SASL bind or with a proxyAuthz (RFC 4370) control. (It is not a common configuration to deploy a system where the server administrator and a DB administrator enjoy different levels of trust.) Se detectó un problema en el servidor en OpenLDAP anterior a versión 2.4.48. Cuando el administrador del servidor delega los privilegios de tipo rootDN (administrador de base de datos) para ciertas bases de datos, pero quiere mantener el aislamiento (por ejemplo, para implementaciones de múltiples inquilinos), slapd no detiene apropiadamente un rootDN de solicitar una autorización como una identidad de otra base de datos durante un enlace SASL o con un control proxyAuthz (RFC 4370). • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00053.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00058.html http://seclists.org/fulldisclosure/2019/Dec/26 https://kc.mcafee.com/corporate/index?page=content&id=SB10365 https://lists.debian.org/debian-lts-announce/2019/08/msg00024.html https://seclists.org/bugtraq/2019/Dec/23 https://security.netapp.com/advisory/ntap-20190822-0004 https://support.apple.com/kb/HT210788 https://usn.ubuntu.com/4 •

CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0

contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation. contrib/slapd-modules/nops/nops.c en OpenLDAP hasta la versión 2.4.45, cuando el módulo nops y la capa memberof están activados, intenta liberar un búfer que se había asignado en la pila, lo que permite que los atacantes remotos provoquen una denegación de servicio (cierre inesperado de slapd) mediante una operación member MODDN. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00053.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00058.html http://www.openldap.org/its/index.cgi/Incoming?id=8759 https://kc.mcafee.com/corporate/index?page=content&id=SB10365 https://www.oracle.com/security-alerts/cpuapr2022.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 0

slapd in OpenLDAP 2.4.45 and earlier creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill `cat /pathname`" command, as demonstrated by openldap-initscript. slapd en OpenLDAP en su versión 2.4.45 y anteriores crea un archivo PID tras eliminar privilegios a una cuenta no-root, lo que podría permitir que usuarios locales terminen procesos arbitrarios aprovechando el acceso a esta cuenta no-root para modificar el archivo PID antes de que un script root ejecute un comando "kill `cat /pathname`". Esto se ha demostrado con openldap-initscript. • http://www.openldap.org/its/index.cgi?findid=8703 https://www.oracle.com/security-alerts/cpuapr2022.html • CWE-665: Improper Initialization •

CVSS: 4.7EPSS: 0%CPEs: 4EXPL: 0

/usr/libexec/openldap/generate-server-cert.sh in openldap-servers sets weak permissions for the TLS certificate, which allows local users to obtain the TLS certificate by leveraging a race condition between the creation of the certificate, and the chmod to protect it. La biblioteca /usr/libexec/openldap/generate-server-cert.sh en openldap-servers se establece permisos débiles para el certificado TLS, que permite a los usuarios locales obtener el certificado TLS mediante el aprovechamiento de una condición de carrera entre la creación del certificado y la función chmod para protegerlo • https://bugzilla.redhat.com/show_bug.cgi?id=1346120 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 6.5EPSS: 89%CPEs: 16EXPL: 1

servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to a double free vulnerability. A user with access to search the directory can crash slapd by issuing a search including the Paged Results control with a page size of 0. servers/slapd/back-mdb/search.c en OpenLDAP hasta la versión 2.4.44 es propenso a una doble vulnerabilidad de liberación de memoria. Un usuario con acceso para buscar en el directorio puede hacer que slapd deje de funcionar al emitir una búsqueda que incluya el control Paged Results con un tamaño de página de 0. A double-free flaw was found in the way OpenLDAP's slapd server using the MDB backend handled LDAP searches. A remote attacker with access to search the directory could potentially use this flaw to crash slapd by issuing a specially crafted LDAP search query. • http://www.debian.org/security/2017/dsa-3868 http://www.openldap.org/its/?findid=8655 http://www.securityfocus.com/bid/98736 http://www.securitytracker.com/id/1038591 https://access.redhat.com/errata/RHSA-2017:1852 https://bugs.debian.org/863563 https://kc.mcafee.com/corporate/index?page=content&id=SB10365 https://www.oracle.com/security-alerts/cpuapr2022.html https://access.redhat.com/security/cve/CVE-2017-9287 https://bugzilla.redhat.com/show_bug.cgi?id=1456712 • CWE-415: Double Free CWE-416: Use After Free •