Total
59 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-0977 | 4 Debian, Mandrakesoft, Openldap and 1 more | 6 Debian Linux, Mandrake Linux, Mandrake Linux Corporate Server and 3 more | 2017-10-09 | 5.0 MEDIUM | N/A |
slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remote attackers to cause a denial of service (crash) via an invalid Basic Encoding Rules (BER) length field. | |||||
CVE-2015-1545 | 1 Openldap | 1 Openldap | 2017-09-07 | 5.0 MEDIUM | N/A |
The deref_parseCtrl function in servers/slapd/overlays/deref.c in OpenLDAP 2.4.13 through 2.4.40 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an empty attribute list in a deref control in a search request. | |||||
CVE-2011-1081 | 1 Openldap | 1 Openldap | 2017-08-16 | 5.0 MEDIUM | N/A |
modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote attackers to cause a denial of service (daemon crash) via a relative Distinguished Name (DN) modification request (aka MODRDN operation) that contains an empty value for the OldDN field. | |||||
CVE-2002-1378 | 1 Openldap | 1 Openldap | 2017-07-10 | 7.5 HIGH | N/A |
Multiple buffer overflows in OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allow remote attackers to execute arbitrary code via (1) long -t or -r parameters to slurpd, (2) a malicious ldapfilter.conf file that is not properly handled by getfilter functions, (3) a malicious ldaptemplates.conf that causes an overflow in libldap, (4) a certain access control list that causes an overflow in slapd, or (5) a long generated filename for logging rejected replication requests. | |||||
CVE-2003-1201 | 1 Openldap | 1 Openldap | 2017-07-10 | 5.0 MEDIUM | N/A |
ldbm_back_exop_passwd in the back-ldbm backend in passwd.c for OpenLDAP 2.1.12 and earlier, when the slap_passwd_parse function does not return LDAP_SUCCESS, attempts to free an uninitialized pointer, which allows remote attackers to cause a denial of service (segmentation fault). | |||||
CVE-2011-1024 | 1 Openldap | 1 Openldap | 2017-01-06 | 4.6 MEDIUM | N/A |
chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a master-slave configuration with a chain overlay and ppolicy_forward_updates (aka authentication-failure forwarding) is used, allows remote authenticated users to bypass external-program authentication by sending an invalid password to a slave server. | |||||
CVE-2011-1025 | 1 Openldap | 1 Openldap | 2017-01-06 | 6.8 MEDIUM | N/A |
bind.cpp in back-ndb in OpenLDAP 2.4.x before 2.4.24 does not require authentication for the root Distinguished Name (DN), which allows remote attackers to bypass intended access restrictions via an arbitrary password. | |||||
CVE-2012-1164 | 1 Openldap | 1 Openldap | 2017-01-06 | 2.6 LOW | N/A |
slapd in OpenLDAP before 2.4.30 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an LDAP search query with attrsOnly set to true, which causes empty attributes to be returned. | |||||
CVE-2015-6908 | 2 Apple, Openldap | 2 Mac Os X, Openldap | 2016-12-21 | 5.0 MEDIUM | N/A |
The ber_get_next function in libraries/liblber/io.c in OpenLDAP 2.4.42 and earlier allows remote attackers to cause a denial of service (reachable assertion and application crash) via crafted BER data, as demonstrated by an attack against slapd. | |||||
CVE-2014-9713 | 2 Debian, Openldap | 2 Debian Linux, Openldap | 2016-12-21 | 4.0 MEDIUM | N/A |
The default slapd configuration in the Debian openldap package 2.4.23-3 through 2.4.39-1.1 allows remote authenticated users to modify the user's permissions and other user attributes via unspecified vectors. | |||||
CVE-2013-4449 | 2 Debian, Openldap | 2 Debian Linux, Openldap | 2016-12-07 | 4.3 MEDIUM | N/A |
The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not properly count references, which allows remote attackers to cause a denial of service (slapd crash) by unbinding immediately after a search request, which triggers rwm_conn_destroy to free the session context while it is being used by rwm_op_search. | |||||
CVE-2006-6493 | 1 Openldap | 1 Openldap | 2011-03-07 | 5.1 MEDIUM | N/A |
Buffer overflow in the krbv4_ldap_auth function in servers/slapd/kerberos.c in OpenLDAP 2.4.3 and earlier, when OpenLDAP is compiled with the --enable-kbind (Kerberos KBIND) option, allows remote attackers to execute arbitrary code via an LDAP bind request using the LDAP_AUTH_KRBV41 authentication method and long credential data. | |||||
CVE-2007-5708 | 1 Openldap | 1 Openldap | 2011-03-06 | 7.1 HIGH | N/A |
slapo-pcache (overlays/pcache.c) in slapd in OpenLDAP before 2.3.39, when running as a proxy-caching server, allocates memory using a malloc variant instead of calloc, which prevents an array from being initialized properly and might allow attackers to cause a denial of service (segmentation fault) via unknown vectors that prevent the array from being null terminated. | |||||
CVE-2004-1880 | 1 Openldap | 1 Openldap | 2008-09-10 | 5.0 MEDIUM | N/A |
Memory leak in the back-bdb backend for OpenLDAP 2.1.12 and earlier allows remote attackers to cause a denial of service (memory consumption). | |||||
CVE-2002-1508 | 1 Openldap | 1 Openldap | 2008-09-10 | 1.2 LOW | N/A |
slapd in OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allows local users to overwrite arbitrary files via a race condition during the creation of a log file for rejected replication requests. | |||||
CVE-2002-1379 | 1 Openldap | 1 Openldap | 2008-09-10 | 7.5 HIGH | N/A |
OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allows remote or local attackers to execute arbitrary code when libldap reads the .ldaprc file within applications that are running with extra privileges. | |||||
CVE-2000-0336 | 4 Mandrakesoft, Openldap, Redhat and 1 more | 4 Mandrake Linux, Openldap, Linux and 1 more | 2008-09-10 | 2.1 LOW | N/A |
Linux OpenLDAP server allows local users to modify arbitrary files via a symlink attack. | |||||
CVE-2005-4442 | 1 Openldap | 1 Openldap | 2008-09-05 | 7.2 HIGH | N/A |
Untrusted search path vulnerability in OpenLDAP before 2.2.28-r3 on Gentoo Linux allows local users in the portage group to gain privileges via a malicious shared object in the Portage temporary build directory, which is part of the RUNPATH. | |||||
CVE-2000-0748 | 1 Openldap | 1 Openldap | 2008-09-05 | 4.6 MEDIUM | N/A |
OpenLDAP 1.2.11 and earlier improperly installs the ud binary with group write permissions, which could allow any user in that group to replace the binary with a Trojan horse. |