CVE-2012-1164 – (slapd): Assertion failure by processing search queries requesting only attributes for particular entry
https://notcve.org/view.php?id=CVE-2012-1164
slapd in OpenLDAP before 2.4.30 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an LDAP search query with attrsOnly set to true, which causes empty attributes to be returned. • http://rhn.redhat.com/errata/RHSA-2012-0899.html http://seclists.org/fulldisclosure/2019/Dec/26 http://secunia.com/advisories/48372 http://secunia.com/advisories/49607 http://security.gentoo.org/glsa/glsa-201406-36.xml http://www.mandriva.com/security/advisories?name=MDVSA-2012:130 http://www.openldap.org/its/index.cgi/Software%20Bugs?id=7143 http://www.openldap.org/software/release/changes.html http://www.securityfocus.com/bid/52404 https://seclists.org/bugtraq/2019/Dec • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2012-2668 – openldap: does not honor TLSCipherSuite settings
https://notcve.org/view.php?id=CVE-2012-2668
libraries/libldap/tls_m.c in OpenLDAP, possibly 2.4.31 and earlier, when using the Mozilla NSS backend, always uses the default cipher suite even when TLSCipherSuite is set, which might cause OpenLDAP to use weaker ciphers than intended and make it easier for remote attackers to obtain sensitive information. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=676309 http://rhn.redhat.com/errata/RHSA-2012-1151.html http://seclists.org/fulldisclosure/2019/Dec/26 http://security.gentoo.org/glsa/glsa-201406-36.xml http://www.openldap.org/devel/gitweb.cgi?p=openldap.git%3Ba=commitdiff%3Bh=2c2bb2e http://www.openldap.org/its/index.cgi?findid=7285 http://www.openwall.com/lists/oss-security/2012/06/05/4 http://www.openwall.com/lists/oss-security/2012/06/06/1 http://www • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CVE-2011-4079
https://notcve.org/view.php?id=CVE-2011-4079
Off-by-one error in the UTF8StringNormalize function in OpenLDAP 2.4.26 and earlier allows remote attackers to cause a denial of service (slapd crash) via a zero-length string that triggers a heap-based buffer overflow, as demonstrated using an empty postalAddressAttribute value in an LDIF entry. • http://secunia.com/advisories/46599 http://security.gentoo.org/glsa/glsa-201406-36.xml http://www.openldap.org/devel/gitweb.cgi?p=openldap.git%3Ba=commitdiff%3Bh=507238713b71208ec4f262f312cb495a302df9e9 http://www.openldap.org/its/index.cgi/Software%20Bugs?id=7059%3Bselectid=7059 http://www.openwall.com/lists/oss-security/2011/10/26/5 http://www.openwall.com/lists/oss-security/2011/10/26/9 http://www.securityfocus.com/bid/50384 http://www.ubuntu.com/usn/USN-1266-1 https:/ • CWE-189: Numeric Errors
CVE-2009-3767 – OpenLDAP: Doesn't properly handle NULL character in subject Common Name
https://notcve.org/view.php?id=CVE-2009-3767
libraries/libldap/tls_o.c in OpenLDAP 2.2 and 2.4, and possibly other versions, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. • http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036138.html http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html http://marc.info/?l=oss-security&m=125198917018936&w=2 http://marc.info/?l=oss-security&m=125369675820512&w=2 http://secunia.com/advisories/38769 http://secunia.com/advisories/40677 http://security.gentoo.org/glsa/glsa-201406-36.xml http://support.apple. • CWE-295: Improper Certificate Validation
CVE-2008-2952 – OpenLDAP BER Decoding Remote DoS Vulnerability
https://notcve.org/view.php?id=CVE-2008-2952
liblber/io.c in OpenLDAP 2.2.4 to 2.4.10 allows remote attackers to cause a denial of service (program termination) via crafted ASN.1 BER datagrams that trigger an assertion error. This vulnerability allows remote attackers to deny services on vulnerable installations of OpenLDAP. Authentication is not required to exploit this vulnerability. The specific flaw exists in the decoding of ASN.1 BER network datagrams. When the size of a BerElement is specified incorrectly, the application will trigger an assert(), leading to abnormal program termination. • https://www.exploit-db.com/exploits/32000 http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html http://secunia.com/advisories/30853 http://secunia.com/advisories/30917 http://secunia.com/advisories/30996 http://secunia.com/advisories/31326 http://secunia.com/advisories/31364 http://secunia.com/advisories/31436 http://secunia.com/advisories/32254 http://secunia.com/advisories/32316 http • CWE-399: Resource Management Errors