rpm package
suse/openldap2-client&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP1
pkg:rpm/suse/openldap2-client&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1
Vulnerabilities (7)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-12243 | — | < 2.4.41-18.24.17.1 | 2.4.41-18.24.17.1 | Apr 28, 2020 | In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash). | ||
| CVE-2019-13565 | — | < 2.4.41-18.24.17.1 | 2.4.41-18.24.17.1 | Jul 26, 2019 | An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session encryption, and relying on the SASL security layers in slapd access controls, it is possible to obtain access that would otherwise be denied via a simple bind for any identity covere | ||
| CVE-2019-13057 | — | < 2.4.41-18.24.17.1 | 2.4.41-18.24.17.1 | Jul 26, 2019 | An issue was discovered in the server in OpenLDAP before 2.4.48. When the server administrator delegates rootDN (database admin) privileges for certain databases but wants to maintain isolation (e.g., for multi-tenant deployments), slapd does not properly stop a rootDN from reque | ||
| CVE-2017-17740 | Hig | 7.5 | < 2.4.41-18.24.9.1 | 2.4.41-18.24.9.1 | Dec 18, 2017 | contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN ope | |
| CVE-2017-9287 | Med | 6.5 | < 2.4.41-18.24.9.1 | 2.4.41-18.24.9.1 | May 29, 2017 | servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to a double free vulnerability. A user with access to search the directory can crash slapd by issuing a search including the Paged Results control with a page size of 0. | |
| CVE-2015-6908 | — | < 2.4.41-18.13.1 | 2.4.41-18.13.1 | Sep 11, 2015 | The ber_get_next function in libraries/liblber/io.c in OpenLDAP 2.4.42 and earlier allows remote attackers to cause a denial of service (reachable assertion and application crash) via crafted BER data, as demonstrated by an attack against slapd. | ||
| CVE-2015-4000 | Low | 3.7 | < 2.4.41-18.13.1 | 2.4.41-18.13.1 | May 21, 2015 | The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by D |
- CVE-2020-12243Apr 28, 2020affected < 2.4.41-18.24.17.1fixed 2.4.41-18.24.17.1
In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash).
- CVE-2019-13565Jul 26, 2019affected < 2.4.41-18.24.17.1fixed 2.4.41-18.24.17.1
An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session encryption, and relying on the SASL security layers in slapd access controls, it is possible to obtain access that would otherwise be denied via a simple bind for any identity covere
- CVE-2019-13057Jul 26, 2019affected < 2.4.41-18.24.17.1fixed 2.4.41-18.24.17.1
An issue was discovered in the server in OpenLDAP before 2.4.48. When the server administrator delegates rootDN (database admin) privileges for certain databases but wants to maintain isolation (e.g., for multi-tenant deployments), slapd does not properly stop a rootDN from reque
- affected < 2.4.41-18.24.9.1fixed 2.4.41-18.24.9.1
contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN ope
- affected < 2.4.41-18.24.9.1fixed 2.4.41-18.24.9.1
servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to a double free vulnerability. A user with access to search the directory can crash slapd by issuing a search including the Paged Results control with a page size of 0.
- CVE-2015-6908Sep 11, 2015affected < 2.4.41-18.13.1fixed 2.4.41-18.13.1
The ber_get_next function in libraries/liblber/io.c in OpenLDAP 2.4.42 and earlier allows remote attackers to cause a denial of service (reachable assertion and application crash) via crafted BER data, as demonstrated by an attack against slapd.
- affected < 2.4.41-18.13.1fixed 2.4.41-18.13.1
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by D