CVE-2007-5708
https://notcve.org/view.php?id=CVE-2007-5708
slapo-pcache (overlays/pcache.c) in slapd in OpenLDAP before 2.3.39, when running as a proxy-caching server, allocates memory using a malloc variant instead of calloc, which prevents an array from being initialized properly and might allow attackers to cause a denial of service (segmentation fault) via unknown vectors that prevent the array from being null terminated. slapo-pcache (overlays/pcache.c) en slapd en OpenLDAP versiones anteriores a 2.3.39, cuando es ejecutado como un servidor de almacenamiento en caché de proxy, asigna memoria mediante una variante malloc en lugar de calloc, lo que impide que una matriz se inicialice apropiadamente y podría permitir a atacantes causar una denegación de servicio (fallo de segmentación) por medio de vectores de ataque desconocidos que impiden que la matriz sea terminada en null. • http://secunia.com/advisories/27424 http://secunia.com/advisories/27683 http://secunia.com/advisories/27756 http://secunia.com/advisories/27868 http://secunia.com/advisories/29225 http://secunia.com/advisories/29461 http://secunia.com/advisories/29682 http://security.gentoo.org/glsa/glsa-200803-28.xml http://www.debian.org/security/2008/dsa-1541 http://www.mandriva.com/security/advisories?name=MDVSA-2008:058 http://www.novell.com/linux/security/advisories/2007_24_sr.html • CWE-399: Resource Management Errors •
CVE-2006-6493 – OpenLDAP 2.4.3 - 'KBIND' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2006-6493
Buffer overflow in the krbv4_ldap_auth function in servers/slapd/kerberos.c in OpenLDAP 2.4.3 and earlier, when OpenLDAP is compiled with the --enable-kbind (Kerberos KBIND) option, allows remote attackers to execute arbitrary code via an LDAP bind request using the LDAP_AUTH_KRBV41 authentication method and long credential data. Desbordamiento de búfer en la función krbv4_ldap_auth de servers/slapd/kerberos.c en OpenLDAP 2.4.3 y versiones anteriores, cuando el OpenLDAP es compilado con la opción kbind (Kerberos KBIND) habilitada, permite a atacantes remotos ejecutar código de su elección a través de una petición LDAP utilizando el método de autenticación LDAP_AUTH_KRBV41 y un dato largo en las credenciales. • https://www.exploit-db.com/exploits/2933 http://secunia.com/advisories/23334 http://securityreason.com/securityalert/2023 http://www.phreedom.org/solar/exploits/openldap-kbind http://www.securityfocus.com/archive/1/454181/30/0/threaded http://www.vupen.com/english/advisories/2006/4964 •
CVE-2006-5779
https://notcve.org/view.php?id=CVE-2006-5779
OpenLDAP before 2.3.29 allows remote attackers to cause a denial of service (daemon crash) via LDAP BIND requests with long authcid names, which triggers an assertion failure. Vulnerabilidad no especificada en el paquete openldap-2.2.29-1 de OpenLDAP en Fedora Core 4 (FC4), permite a atacantes remotos provocar una denegación de servicio (caída del demonio) mediante cierta combinación de peticiones LDAP BIND que disparan un fallo de aserción. • http://gleg.net/downloads/VULNDISCO_META_FREE.tar.gz http://gleg.net/vulndisco_meta.shtml http://secunia.com/advisories/22750 http://secunia.com/advisories/22953 http://secunia.com/advisories/22996 http://secunia.com/advisories/23125 http://secunia.com/advisories/23133 http://secunia.com/advisories/23152 http://secunia.com/advisories/23170 http://security.gentoo.org/glsa/glsa-200611-25.xml http://securityreason.com/securityalert/1831 http://securitytracker.com/id?1017166 http • CWE-617: Reachable Assertion •
CVE-2006-4600
https://notcve.org/view.php?id=CVE-2006-4600
slapd in OpenLDAP before 2.3.25 allows remote authenticated users with selfwrite Access Control List (ACL) privileges to modify arbitrary Distinguished Names (DN). slapd en OpenLDAP anterior a 2.3.25 permite a un atacante remoto validar a usuarios con privilegios del Access Control List del selfwrite (ACL) para modificar los Distinguished Names (DN) de su elección. • ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html http://secunia.com/advisories/21721 http://secunia.com/advisories/22219 http://secunia.com/advisories/22273 http://secunia.com/advisories/22300 http://secunia.com/advisories/25098 http://secunia.com/advisories/25628 http://secunia.com/advisories/25676 http://secunia.com/advisories/25894 http://secunia.com/advisories/26909 http: •
CVE-2006-2754
https://notcve.org/view.php?id=CVE-2006-2754
Stack-based buffer overflow in st.c in slurpd for OpenLDAP before 2.3.22 might allow attackers to execute arbitrary code via a long hostname. • http://secunia.com/advisories/20126 http://secunia.com/advisories/20495 http://secunia.com/advisories/20685 http://secunia.com/advisories/20848 http://www.gentoo.org/security/en/glsa/glsa-200606-17.xml http://www.mandriva.com/security/advisories?name=MDKSA-2006:096 http://www.openldap.org/devel/cvsweb.cgi/servers/slurpd/st.c.diff?r1=1.21&r2=1.22&hideattic=1&sortbydate=0&f=h http://www.openldap.org/devel/cvsweb.cgi/servers/slurpd/st.c?hideattic=1&sortbydate=0#rev1.22 •