| CVE-2000-0987 | | 0.03 | — | 0.00 | | Dec 19, 2000 | Buffer overflow in oidldapd in Oracle 8.1.6 allow local users to gain privileges via a long "connect" command line parameter. |
| CVE-2001-0975 | | 0.01 | — | 0.07 | | Jul 16, 2001 | Buffer overflow vulnerabilities in Oracle Internet Directory Server (LDAP) 2.1.1.x and 3.0.1 allow remote attackers to execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite. |
| CVE-2001-0974 | | 0.00 | — | 0.03 | | Jul 17, 2001 | Format string vulnerabilities in Oracle Internet Directory Server (LDAP) 2.1.1.x and 3.0.1 allow remote attackers to execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite. |
| CVE-2001-1321 | | 0.00 | — | 0.03 | | Jul 16, 2001 | Oracle Internet Directory Server 2.1.1.x and 3.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via invalid encodings of BER OBJECT-IDENTIFIER values, as demonstrated by the PROTOS LDAPv3 test suite. |
| CVE-2001-0300 | | 0.00 | — | 0.01 | | Jun 2, 2001 | oidldapd 2.1.1.1 in Oracle 8.1.7 records log files in a directory (ldaplog) that has world-writable permissions, which may allow local users to delete logs and/or overwrite other files via a symlink attack. |
