CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2002-1379
https://notcve.org/view.php?id=CVE-2002-1379
OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allows remote or local attackers to execute arbitrary code when libldap reads the .ldaprc file within applications that are running with extra privileges. Múltiples vulnerabilidades desconocidas en OpenLDAP2 (OpenLDAP2) 2.2.0 y anteriores, que no son desbordamientos de búfer como los descritos en CAN-2002-1378, permiten atacantes remotos o locales ejecutar código arbitrario. • http://www.debian.org/security/2003/dsa-227 http://www.mandriva.com/security/advisories?name=MDKSA-2003:006 http://www.novell.com/linux/security/advisories/2002_047_openldap2.html https://access.redhat.com/security/cve/CVE-2002-1379 https://bugzilla.redhat.com/show_bug.cgi?id=1616900 •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2002-0045
https://notcve.org/view.php?id=CVE-2002-0045
slapd in OpenLDAP 2.0 through 2.0.19 allows local users, and anonymous users before 2.0.8, to conduct a "replace" action on access controls without any values, which causes OpenLDAP to delete non-mandatory attributes that would otherwise be protected by ACLs. sldap en OpenLDAP 2.0 a 2.0.19 permite a usuarios locales, y a usuarios anónimos en versiones anteriores a 2.0.8, llevar a cabo una acción "replace" en controles de acceso sin valores, lo que causa que OpenLDAP borre atributos no mandatorios que de otra forma estarían protegidos por listas de control de accesso (ACL). • ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-001.0.txt http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000459 http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:013 http://www.openldap.org/lists/openldap-announce/200201/msg00002.html http://www.osvdb.org/5395 http://www.redhat.com/support/errata/RHSA-2002-014.html http://www.securityfocus.com/bid/3945 http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBTL0201-020 https://exchange.x •