
CVE-2022-31253 – openldap2: /usr/lib/openldap/start allows ldap user/group to recursively chown arbitrary directory trees to itself
https://notcve.org/view.php?id=CVE-2022-31253
09 Nov 2022 — An Untrusted Search Path vulnerability in openldap2 of openSUSE Factory allows local attackers with control of the ldap user or group to change ownership of arbitrary directory entries to this user/group, leading to escalation to root. This issue affects: openSUSE Factory openldap2 versions prior to 2.6.3-404.1. • https://bugzilla.suse.com/show_bug.cgi?id=1202931 • CWE-426: Untrusted Search Path

CVE-2020-8027 – openldap uses fixed paths in /tmp
https://notcve.org/view.php?id=CVE-2020-8027
11 Feb 2021 — An Insecure Temporary File vulnerability in openldap2 of SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15; openSUSE Leap 15.1, openSUSE Leap 15.2 allows local attackers to overwrite arbitrary files and gain access to the openldap2 configuration. This issue affects: SUSE Linux Enterprise Server 15-LTSS openldap2 versions prior to 2.4.46-9.37.1. SUSE Linux Enterprise Server for SAP 15 openldap2 versions prior to 2.4.46-9.37.1. openSUSE Leap 15.1 openldap2 versions prior to 2.4.46-lp... • https://bugzilla.suse.com/show_bug.cgi?id=1175568 • CWE-377: Insecure Temporary File

CVE-2020-8023 – Local privilege escalation from ldap to root when using OPENLDAP_CONFIG_BACKEND=ldap in openldap2
https://notcve.org/view.php?id=CVE-2020-8023
01 Sep 2020 — An Acceptance of Extraneous Untrusted Data With Trusted Data vulnerability in the start script of openldap2 of SUSE Enterprise Storage 5, SUSE Linux Enterprise Debuginfo 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP4, SUSE Linux Enterprise Point of Sale 11-SP3, SUSE Linux Enterprise Server 11-SECURITY, SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Linux Enterprise Server 12-SP2-BCL, SUSE Linux Enterprise Server 12-SP2-LTSS, SUSE Linux Enterprise Server 12-SP3-BCL, SUSE Linux Enterprise Server 12-SP3-LTSS, S... • https://bugzilla.suse.com/show_bug.cgi?id=1172698 • CWE-349: Acceptance of Extraneous Untrusted Data With Trusted Data