CVE-2006-4600
https://notcve.org/view.php?id=CVE-2006-4600
slapd in OpenLDAP before 2.3.25 allows remote authenticated users with selfwrite Access Control List (ACL) privileges to modify arbitrary Distinguished Names (DN). slapd en OpenLDAP anterior a 2.3.25 permite a un atacante remoto validar a usuarios con privilegios del Access Control List del selfwrite (ACL) para modificar los Distinguished Names (DN) de su elección. • ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html http://secunia.com/advisories/21721 http://secunia.com/advisories/22219 http://secunia.com/advisories/22273 http://secunia.com/advisories/22300 http://secunia.com/advisories/25098 http://secunia.com/advisories/25628 http://secunia.com/advisories/25676 http://secunia.com/advisories/25894 http://secunia.com/advisories/26909 http: •
CVE-2006-2754
https://notcve.org/view.php?id=CVE-2006-2754
Stack-based buffer overflow in st.c in slurpd for OpenLDAP before 2.3.22 might allow attackers to execute arbitrary code via a long hostname. • http://secunia.com/advisories/20126 http://secunia.com/advisories/20495 http://secunia.com/advisories/20685 http://secunia.com/advisories/20848 http://www.gentoo.org/security/en/glsa/glsa-200606-17.xml http://www.mandriva.com/security/advisories?name=MDKSA-2006:096 http://www.openldap.org/devel/cvsweb.cgi/servers/slurpd/st.c.diff?r1=1.21&r2=1.22&hideattic=1&sortbydate=0&f=h http://www.openldap.org/devel/cvsweb.cgi/servers/slurpd/st.c?hideattic=1&sortbydate=0#rev1.22 •
CVE-2005-4442
https://notcve.org/view.php?id=CVE-2005-4442
Untrusted search path vulnerability in OpenLDAP before 2.2.28-r3 on Gentoo Linux allows local users in the portage group to gain privileges via a malicious shared object in the Portage temporary build directory, which is part of the RUNPATH. • http://secunia.com/advisories/18040 http://www.gentoo.org/security/en/glsa/glsa-200512-07.xml http://www.securityfocus.com/bid/15120 •
CVE-2004-1880
https://notcve.org/view.php?id=CVE-2004-1880
Memory leak in the back-bdb backend for OpenLDAP 2.1.12 and earlier allows remote attackers to cause a denial of service (memory consumption). • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000685 http://secunia.com/advisories/9203 http://www.osvdb.org/17000 •
CVE-2004-0823
https://notcve.org/view.php?id=CVE-2004-0823
OpenLDAP 1.0 through 2.1.19, as used in Apple Mac OS 10.3.4 and 10.3.5 and possibly other operating systems, may allow certain authentication schemes to use hashed (crypt) passwords in the userPassword attribute as if they were plaintext passwords, which allows remote attackers to re-use hashed passwords without decrypting them. • http://secunia.com/advisories/12491 http://secunia.com/advisories/17233 http://secunia.com/advisories/21520 http://support.avaya.com/elmodocs2/security/ASA-2006-157.htm http://www.auscert.org.au/render.html?it=4363 http://www.redhat.com/support/errata/RHSA-2005-751.html http://www.securityfocus.com/advisories/7148 http://www.securityfocus.com/bid/11137 https://exchange.xforce.ibmcloud.com/vulnerabilities/17300 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre •