VYPR

Openldap

by OpenLDAP

Source repositories

CVEs (62)

  • CVE-2010-0211CriJul 28, 2010
    risk 0.69cvss 9.8epss 0.29

    The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does not check the return value of a call to the smr_normalize function, which allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a modrdn call with an RDN…

  • CVE-2006-5779HigNov 7, 2006
    risk 0.55cvss 7.5epss 0.75

    OpenLDAP before 2.3.29 allows remote attackers to cause a denial of service (daemon crash) via LDAP BIND requests with long authcid names, which triggers an assertion failure.

  • CVE-2017-17740HigDec 18, 2017
    risk 0.49cvss 7.5epss 0.07

    contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN…

  • CVE-2015-3276HigDec 7, 2015
    risk 0.49cvss 7.5epss 0.05

    The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors.

  • CVE-2017-9287MedMay 29, 2017
    risk 0.43cvss 6.5epss 0.07

    servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to a double free vulnerability. A user with access to search the directory can crash slapd by issuing a search including the Paged Results control with a page size of 0.

  • CVE-2017-14159MedSep 5, 2017
    risk 0.31cvss 4.7epss 0.00

    slapd in OpenLDAP 2.4.45 and earlier creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill `cat…

  • CVE-2016-4984MedJul 17, 2017
    risk 0.31cvss 4.7epss 0.00

    /usr/libexec/openldap/generate-server-cert.sh in openldap-servers sets weak permissions for the TLS certificate, which allows local users to obtain the TLS certificate by leveraging a race condition between the creation of the certificate, and the chmod to protect it.

  • CVE-2015-6908Sep 11, 2015
    risk 0.05cvss epss 0.20

    The ber_get_next function in libraries/liblber/io.c in OpenLDAP 2.4.42 and earlier allows remote attackers to cause a denial of service (reachable assertion and application crash) via crafted BER data, as demonstrated by an attack against slapd.

  • CVE-2011-1081Mar 20, 2011
    risk 0.04cvss epss 0.14

    modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote attackers to cause a denial of service (daemon crash) via a relative Distinguished Name (DN) modification request (aka MODRDN operation) that contains an empty value for the OldDN field.

  • CVE-2008-2952Jul 1, 2008
    risk 0.04cvss epss 0.13

    liblber/io.c in OpenLDAP 2.2.4 to 2.4.10 allows remote attackers to cause a denial of service (program termination) via crafted ASN.1 BER datagrams that trigger an assertion error.

  • CVE-2006-6493Dec 13, 2006
    risk 0.04cvss epss 0.09

    Buffer overflow in the krbv4_ldap_auth function in servers/slapd/kerberos.c in OpenLDAP 2.4.3 and earlier, when OpenLDAP is compiled with the --enable-kbind (Kerberos KBIND) option, allows remote attackers to execute arbitrary code via an LDAP bind request using the…

  • CVE-2020-25709May 18, 2021
    risk 0.03cvss epss 0.03

    A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP’s slapd server, to trigger an assertion failure. The highest threat from this vulnerability is to system availability.

  • CVE-2000-0336Apr 21, 2000
    risk 0.03cvss epss 0.01

    Linux OpenLDAP server allows local users to modify arbitrary files via a symlink attack.

  • CVE-2021-27212Feb 14, 2021
    risk 0.02cvss epss 0.64

    In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon exit) via a short timestamp. This is related to schema_init.c and checkTime.

  • CVE-2022-29155May 4, 2022
    risk 0.01cvss epss 0.70

    In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement within an LDAP query. This can occur during an LDAP search operation when the search filter is processed, due to a lack…

  • CVE-2020-25710May 28, 2021
    risk 0.01cvss epss 0.03

    A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23(). The highest threat from this vulnerability is to system availability.

  • CVE-2020-12243Apr 28, 2020
    risk 0.01cvss epss 0.04

    In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash).

  • CVE-2015-1545Feb 12, 2015
    risk 0.01cvss epss 0.11

    The deref_parseCtrl function in servers/slapd/overlays/deref.c in OpenLDAP 2.4.13 through 2.4.40 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an empty attribute list in a deref control in a search request.

  • CVE-2013-4449Feb 5, 2014
    risk 0.01cvss epss 0.11

    The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not properly count references, which allows remote attackers to cause a denial of service (slapd crash) by unbinding immediately after a search request, which triggers rwm_conn_destroy to free the session context while…

  • CVE-2002-1378Jan 2, 2003
    risk 0.01cvss epss 0.07

    Multiple buffer overflows in OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allow remote attackers to execute arbitrary code via (1) long -t or -r parameters to slurpd, (2) a malicious ldapfilter.conf file that is not properly handled by getfilter functions, (3) a malicious…

Page 1 of 4