Directory Server
by Netscape
CVEs (8)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2000-1075 | 0.03 | — | 0.06 | Dec 11, 2000 | Directory traversal vulnerability in iPlanet Certificate Management System 4.2 and Directory Server 4.12 allows remote attackers to read arbitrary files via a .. (dot dot) attack in the Agent, End Entity, or Administrator services. | |||
| CVE-2004-0826 | 0.02 | — | 0.23 | Dec 31, 2004 | Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message. | |||
| CVE-2004-1236 | 0.01 | — | 0.09 | Dec 31, 2004 | Buffer overflow in the LDAP component for Netscape Directory Server (NDS) 3.6 on HP-UX and other operating systems allows remote attackers to execute arbitrary code. | |||
| CVE-1999-0007 | 0.01 | — | 0.08 | Jun 26, 1998 | Information from SSL-encrypted sessions via PKCS #1. | |||
| CVE-2023-40378 | 0.00 | — | 0.00 | Oct 15, 2023 | IBM Directory Server for IBM i contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain component access to the host operating system. IBM X-Force ID: 263584. | |||
| CVE-2001-0164 | 0.00 | — | 0.02 | Jun 2, 2001 | Buffer overflow in Netscape Directory Server 4.12 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a malformed recipient field. | |||
| CVE-2000-1076 | 0.00 | — | 0.02 | Dec 11, 2000 | Netscape (iPlanet) Certificate Management System 4.2 and Directory Server 4.12 stores the administrative password in plaintext, which could allow local and possibly remote attackers to gain administrative privileges on the server. | |||
| CVE-1999-0807 | 0.00 | — | 0.00 | May 1, 1999 | The Netscape Directory Server installation procedure leaves sensitive information in a file that is accessible to local users. |
- CVE-2000-1075Dec 11, 2000risk 0.03cvss —epss 0.06
Directory traversal vulnerability in iPlanet Certificate Management System 4.2 and Directory Server 4.12 allows remote attackers to read arbitrary files via a .. (dot dot) attack in the Agent, End Entity, or Administrator services.
- CVE-2004-0826Dec 31, 2004risk 0.02cvss —epss 0.23
Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message.
- CVE-2004-1236Dec 31, 2004risk 0.01cvss —epss 0.09
Buffer overflow in the LDAP component for Netscape Directory Server (NDS) 3.6 on HP-UX and other operating systems allows remote attackers to execute arbitrary code.
- CVE-1999-0007Jun 26, 1998risk 0.01cvss —epss 0.08
Information from SSL-encrypted sessions via PKCS #1.
- CVE-2023-40378Oct 15, 2023risk 0.00cvss —epss 0.00
IBM Directory Server for IBM i contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain component access to the host operating system. IBM X-Force ID: 263584.
- CVE-2001-0164Jun 2, 2001risk 0.00cvss —epss 0.02
Buffer overflow in Netscape Directory Server 4.12 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a malformed recipient field.
- CVE-2000-1076Dec 11, 2000risk 0.00cvss —epss 0.02
Netscape (iPlanet) Certificate Management System 4.2 and Directory Server 4.12 stores the administrative password in plaintext, which could allow local and possibly remote attackers to gain administrative privileges on the server.
- CVE-1999-0807May 1, 1999risk 0.00cvss —epss 0.00
The Netscape Directory Server installation procedure leaves sensitive information in a file that is accessible to local users.