Page 9 of 45 results (0.003 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allows remote or local attackers to execute arbitrary code when libldap reads the .ldaprc file within applications that are running with extra privileges. Múltiples vulnerabilidades desconocidas en OpenLDAP2 (OpenLDAP2) 2.2.0 y anteriores, que no son desbordamientos de búfer como los descritos en CAN-2002-1378, permiten atacantes remotos o locales ejecutar código arbitrario. • http://www.debian.org/security/2003/dsa-227 http://www.mandriva.com/security/advisories?name=MDKSA-2003:006 http://www.novell.com/linux/security/advisories/2002_047_openldap2.html https://access.redhat.com/security/cve/CVE-2002-1379 https://bugzilla.redhat.com/show_bug.cgi?id=1616900 •

CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0

slapd in OpenLDAP 2.0 through 2.0.19 allows local users, and anonymous users before 2.0.8, to conduct a "replace" action on access controls without any values, which causes OpenLDAP to delete non-mandatory attributes that would otherwise be protected by ACLs. sldap en OpenLDAP 2.0 a 2.0.19 permite a usuarios locales, y a usuarios anónimos en versiones anteriores a 2.0.8, llevar a cabo una acción "replace" en controles de acceso sin valores, lo que causa que OpenLDAP borre atributos no mandatorios que de otra forma estarían protegidos por listas de control de accesso (ACL). • ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-001.0.txt http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000459 http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:013 http://www.openldap.org/lists/openldap-announce/200201/msg00002.html http://www.osvdb.org/5395 http://www.redhat.com/support/errata/RHSA-2002-014.html http://www.securityfocus.com/bid/3945 http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBTL0201-020 https://exchange.x •

CVSS: 5.0EPSS: 2%CPEs: 39EXPL: 0

slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remote attackers to cause a denial of service (crash) via an invalid Basic Encoding Rules (BER) length field. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000417 http://www.cert.org/advisories/CA-2001-18.html http://www.debian.org/security/2001/dsa-068 http://www.kb.cert.org/vuls/id/935800 http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-069.php3 http://www.osvdb.org/1905 http://www.redhat.com/support/errata/RHSA-2001-098.html http://www.securityfocus.com/bid/3049 https://exchange.xforce.ibmcloud.com/vulnerabilities/6904 •

CVSS: 4.6EPSS: 0%CPEs: 5EXPL: 0

OpenLDAP 1.2.11 and earlier improperly installs the ud binary with group write permissions, which could allow any user in that group to replace the binary with a Trojan horse. • http://archives.neohapsis.com/archives/bugtraq/2000-07/0375.html http://www.securityfocus.com/bid/1511 •

CVSS: 2.1EPSS: 0%CPEs: 15EXPL: 1

Linux OpenLDAP server allows local users to modify arbitrary files via a symlink attack. • https://www.exploit-db.com/exploits/19946 ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-2000-009.0.txt http://www.redhat.com/support/errata/RHSA-2000-012.html http://www.securityfocus.com/bid/1232 http://www.turbolinux.com/pipermail/tl-security-announce/2000-May/000009.html •