VYPR

rpm package

suse/openldap2&distro=SUSE Linux Enterprise Server 12 SP1-LTSS

pkg:rpm/suse/openldap2&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSS

Vulnerabilities (5)

  • CVE-2020-12243HigApr 28, 2020
    affected < 2.4.41-18.24.17.1fixed 2.4.41-18.24.17.1

    In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash).

  • CVE-2019-13565HigJul 26, 2019
    affected < 2.4.41-18.24.17.1fixed 2.4.41-18.24.17.1

    An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session encryption, and relying on the SASL security layers in slapd access controls, it is possible to obtain access that would otherwise be denied via a simple bind for any identity covere

  • CVE-2019-13057MedJul 26, 2019
    affected < 2.4.41-18.24.17.1fixed 2.4.41-18.24.17.1

    An issue was discovered in the server in OpenLDAP before 2.4.48. When the server administrator delegates rootDN (database admin) privileges for certain databases but wants to maintain isolation (e.g., for multi-tenant deployments), slapd does not properly stop a rootDN from reque

  • CVE-2017-17740HigDec 18, 2017
    affected < 2.4.41-18.24.9.7fixed 2.4.41-18.24.9.7

    contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN ope

  • CVE-2017-9287MedMay 29, 2017
    affected < 2.4.41-18.24.9.7fixed 2.4.41-18.24.9.7

    servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to a double free vulnerability. A user with access to search the directory can crash slapd by issuing a search including the Paged Results control with a page size of 0.