Page 8 of 42 results (0.026 seconds)

CVSS: 7.2EPSS: 0%CPEs: 82EXPL: 0

Untrusted search path vulnerability in OpenLDAP before 2.2.28-r3 on Gentoo Linux allows local users in the portage group to gain privileges via a malicious shared object in the Portage temporary build directory, which is part of the RUNPATH. • http://secunia.com/advisories/18040 http://www.gentoo.org/security/en/glsa/glsa-200512-07.xml http://www.securityfocus.com/bid/15120 •

CVSS: 5.0EPSS: 1%CPEs: 62EXPL: 0

Memory leak in the back-bdb backend for OpenLDAP 2.1.12 and earlier allows remote attackers to cause a denial of service (memory consumption). • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000685 http://secunia.com/advisories/9203 http://www.osvdb.org/17000 •

CVSS: 7.5EPSS: 1%CPEs: 70EXPL: 0

OpenLDAP 1.0 through 2.1.19, as used in Apple Mac OS 10.3.4 and 10.3.5 and possibly other operating systems, may allow certain authentication schemes to use hashed (crypt) passwords in the userPassword attribute as if they were plaintext passwords, which allows remote attackers to re-use hashed passwords without decrypting them. • http://secunia.com/advisories/12491 http://secunia.com/advisories/17233 http://secunia.com/advisories/21520 http://support.avaya.com/elmodocs2/security/ASA-2006-157.htm http://www.auscert.org.au/render.html?it=4363 http://www.redhat.com/support/errata/RHSA-2005-751.html http://www.securityfocus.com/advisories/7148 http://www.securityfocus.com/bid/11137 https://exchange.xforce.ibmcloud.com/vulnerabilities/17300 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre&# •

CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 0

ldbm_back_exop_passwd in the back-ldbm backend in passwd.c for OpenLDAP 2.1.12 and earlier, when the slap_passwd_parse function does not return LDAP_SUCCESS, attempts to free an uninitialized pointer, which allows remote attackers to cause a denial of service (segmentation fault). • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000685 http://secunia.com/advisories/11261 http://secunia.com/advisories/9203 http://security.gentoo.org/glsa/glsa-200403-12.xml http://www.openldap.org/its/index.cgi?findid=2390 http://www.osvdb.org/17000 http://www.securityfocus.com/bid/7656 https://exchange.xforce.ibmcloud.com/vulnerabilities/12520 • CWE-824: Access of Uninitialized Pointer •

CVSS: 1.2EPSS: 0%CPEs: 1EXPL: 0

slapd in OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allows local users to overwrite arbitrary files via a race condition during the creation of a log file for rejected replication requests. slapd en OpenLDAP2 (OpenLDAP 2) 2.2.0 y anteriores permiten a usuarios locales sobreescribir ficheros arbitrarios mediante una condición de carrera durante la creación de un fichero de registro de peticiones de replicación rechazadas. • http://www.debian.org/security/2003/dsa-227 http://www.iss.net/security_center/static/11288.php http://www.mandriva.com/security/advisories?name=MDKSA-2003:006 http://www.novell.com/linux/security/advisories/2002_047_openldap2.html http://www.redhat.com/support/errata/RHSA-2003-040.html https://access.redhat.com/security/cve/CVE-2002-1508 https://bugzilla.redhat.com/show_bug.cgi?id=1616918 •