CVE-2002-1378
https://notcve.org/view.php?id=CVE-2002-1378
Multiple buffer overflows in OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allow remote attackers to execute arbitrary code via (1) long -t or -r parameters to slurpd, (2) a malicious ldapfilter.conf file that is not properly handled by getfilter functions, (3) a malicious ldaptemplates.conf that causes an overflow in libldap, (4) a certain access control list that causes an overflow in slapd, or (5) a long generated filename for logging rejected replication requests. Múltiples desbordamientos de búfer en OpenLDAP22 (OpenLDAP 2) 2.2.0 y anteriores permiten a atacantes remotos ejecutar código arbitrario. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000556 http://www.ciac.org/ciac/bulletins/n-043.shtml http://www.debian.org/security/2003/dsa-227 http://www.linuxsecurity.com/advisories/gentoo_advisory-2704.html http://www.mandriva.com/security/advisories?name=MDKSA-2003:006 http://www.novell.com/linux/security/advisories/2002_047_openldap2.html http://www.redhat.com/support/errata/RHSA-2003-040.html http://www.securityfocus.com/advisories/4827 http://www.securityfocus •
CVE-2002-1379
https://notcve.org/view.php?id=CVE-2002-1379
OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allows remote or local attackers to execute arbitrary code when libldap reads the .ldaprc file within applications that are running with extra privileges. Múltiples vulnerabilidades desconocidas en OpenLDAP2 (OpenLDAP2) 2.2.0 y anteriores, que no son desbordamientos de búfer como los descritos en CAN-2002-1378, permiten atacantes remotos o locales ejecutar código arbitrario. • http://www.debian.org/security/2003/dsa-227 http://www.mandriva.com/security/advisories?name=MDKSA-2003:006 http://www.novell.com/linux/security/advisories/2002_047_openldap2.html https://access.redhat.com/security/cve/CVE-2002-1379 https://bugzilla.redhat.com/show_bug.cgi?id=1616900 •