Page 8 of 43 results (0.043 seconds)

CVSS: 5.0EPSS: 1%CPEs: 62EXPL: 0

Memory leak in the back-bdb backend for OpenLDAP 2.1.12 and earlier allows remote attackers to cause a denial of service (memory consumption). • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000685 http://secunia.com/advisories/9203 http://www.osvdb.org/17000 •

CVSS: 7.5EPSS: 1%CPEs: 70EXPL: 0

OpenLDAP 1.0 through 2.1.19, as used in Apple Mac OS 10.3.4 and 10.3.5 and possibly other operating systems, may allow certain authentication schemes to use hashed (crypt) passwords in the userPassword attribute as if they were plaintext passwords, which allows remote attackers to re-use hashed passwords without decrypting them. • http://secunia.com/advisories/12491 http://secunia.com/advisories/17233 http://secunia.com/advisories/21520 http://support.avaya.com/elmodocs2/security/ASA-2006-157.htm http://www.auscert.org.au/render.html?it=4363 http://www.redhat.com/support/errata/RHSA-2005-751.html http://www.securityfocus.com/advisories/7148 http://www.securityfocus.com/bid/11137 https://exchange.xforce.ibmcloud.com/vulnerabilities/17300 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre&# •

CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 0

ldbm_back_exop_passwd in the back-ldbm backend in passwd.c for OpenLDAP 2.1.12 and earlier, when the slap_passwd_parse function does not return LDAP_SUCCESS, attempts to free an uninitialized pointer, which allows remote attackers to cause a denial of service (segmentation fault). • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000685 http://secunia.com/advisories/11261 http://secunia.com/advisories/9203 http://security.gentoo.org/glsa/glsa-200403-12.xml http://www.openldap.org/its/index.cgi?findid=2390 http://www.osvdb.org/17000 http://www.securityfocus.com/bid/7656 https://exchange.xforce.ibmcloud.com/vulnerabilities/12520 • CWE-824: Access of Uninitialized Pointer •

CVSS: 1.2EPSS: 0%CPEs: 1EXPL: 0

slapd in OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allows local users to overwrite arbitrary files via a race condition during the creation of a log file for rejected replication requests. slapd en OpenLDAP2 (OpenLDAP 2) 2.2.0 y anteriores permiten a usuarios locales sobreescribir ficheros arbitrarios mediante una condición de carrera durante la creación de un fichero de registro de peticiones de replicación rechazadas. • http://www.debian.org/security/2003/dsa-227 http://www.iss.net/security_center/static/11288.php http://www.mandriva.com/security/advisories?name=MDKSA-2003:006 http://www.novell.com/linux/security/advisories/2002_047_openldap2.html http://www.redhat.com/support/errata/RHSA-2003-040.html https://access.redhat.com/security/cve/CVE-2002-1508 https://bugzilla.redhat.com/show_bug.cgi?id=1616918 •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allows remote or local attackers to execute arbitrary code when libldap reads the .ldaprc file within applications that are running with extra privileges. Múltiples vulnerabilidades desconocidas en OpenLDAP2 (OpenLDAP2) 2.2.0 y anteriores, que no son desbordamientos de búfer como los descritos en CAN-2002-1378, permiten atacantes remotos o locales ejecutar código arbitrario. • http://www.debian.org/security/2003/dsa-227 http://www.mandriva.com/security/advisories?name=MDKSA-2003:006 http://www.novell.com/linux/security/advisories/2002_047_openldap2.html https://access.redhat.com/security/cve/CVE-2002-1379 https://bugzilla.redhat.com/show_bug.cgi?id=1616900 •