VYPR

OpenLDAP

by OpenLDAP

CVEs (62)

  • CVE-2011-4079 (Oct 27, 2011)
    risk 0.00 cvss epss 0.04

    Off-by-one error in the UTF8StringNormalize function in OpenLDAP 2.4.26 and earlier allows remote attackers to cause a denial of service (slapd crash) via a zero-length string that triggers a heap-based buffer overflow, as demonstrated using an empty postalAddressAttribute value…

  • CVE-2011-1025 (Mar 20, 2011)
    risk 0.00 cvss epss 0.04

    bind.cpp in back-ndb in OpenLDAP 2.4.x before 2.4.24 does not require authentication for the root Distinguished Name (DN), which allows remote attackers to bypass intended access restrictions via an arbitrary password.

  • CVE-2011-1024 (Mar 20, 2011)
    risk 0.00 cvss epss 0.03

    chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a master-slave configuration with a chain overlay and ppolicy_forward_updates (aka authentication-failure forwarding) is used, allows remote authenticated users to bypass external-program authentication by sending an…

  • CVE-2010-0212 (Jul 28, 2010)
    risk 0.00 cvss epss 0.06

    OpenLDAP 2.4.22 allows remote attackers to cause a denial of service (crash) via a modrdn call with a zero-length RDN destination string, which is not properly handled by the smr_normalize function and triggers a NULL pointer dereference in the IA5StringNormalize function in…

  • CVE-2009-3767 (Oct 23, 2009)
    risk 0.00 cvss epss 0.03

    libraries/libldap/tls_o.c in OpenLDAP 2.2 and 2.4, and possibly other versions, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof…

  • CVE-2008-0658 (Feb 13, 2008)
    risk 0.00 cvss epss 0.03

    slapd/back-bdb/modrdn.c in the BDB backend for slapd in OpenLDAP 2.3.39 allows remote authenticated users to cause a denial of service (daemon crash) via a modrdn operation with a NOOP (LDAP_X_NO_OPERATION) control, a related issue to CVE-2007-6698.

  • CVE-2007-6698 (Feb 1, 2008)
    risk 0.00 cvss epss 0.02

    The BDB backend for slapd in OpenLDAP before 2.3.36 allows remote authenticated users to cause a denial of service (crash) via a potentially-successful modify operation with the NOOP control set to critical, possibly due to a double free vulnerability.

  • CVE-2007-5707 (Oct 30, 2007)
    risk 0.00 cvss epss 0.04

    OpenLDAP before 2.3.39 allows remote attackers to cause a denial of service (slapd crash) via an LDAP request with a malformed objectClasses attribute. NOTE: this has been reported as a double free, but the reports are inconsistent.

  • CVE-2007-5708 (Oct 30, 2007)
    risk 0.00 cvss epss 0.03

    slapo-pcache (overlays/pcache.c) in slapd in OpenLDAP before 2.3.39, when running as a proxy-caching server, allocates memory using a malloc variant instead of calloc, which prevents an array from being initialized properly and might allow attackers to cause a denial of service…

  • CVE-2007-0476 (Jan 25, 2007)
    risk 0.00 cvss epss 0.00

    The gencert.sh script, when installing OpenLDAP before 2.1.30-r10, 2.2.x before 2.2.28-r7, and 2.3.x before 2.3.30-r2 as an ebuild in Gentoo Linux, does not create temporary directories in /tmp securely during emerge, which allows local users to overwrite arbitrary files via a…

  • CVE-2006-4600 (Sep 7, 2006)
    risk 0.00 cvss epss 0.03

    slapd in OpenLDAP before 2.3.25 allows remote authenticated users with selfwrite Access Control List (ACL) privileges to modify arbitrary Distinguished Names (DN).

  • CVE-2006-2754 (Jun 1, 2006)
    risk 0.00 cvss epss 0.04

    Stack-based buffer overflow in st.c in slurpd for OpenLDAP before 2.3.22 might allow attackers to execute arbitrary code via a long hostname.

  • CVE-2005-4442 (Dec 21, 2005)
    risk 0.00 cvss epss 0.00

    Untrusted search path vulnerability in OpenLDAP before 2.2.28-r3 on Gentoo Linux allows local users in the portage group to gain privileges via a malicious shared object in the Portage temporary build directory, which is part of the RUNPATH.

  • CVE-2004-1880 (Dec 31, 2004)
    risk 0.00 cvss epss 0.02

    Memory leak in the back-bdb backend for OpenLDAP 2.1.12 and earlier allows remote attackers to cause a denial of service (memory consumption).

  • CVE-2004-0823 (Sep 7, 2004)
    risk 0.00 cvss epss 0.03

    OpenLDAP 1.0 through 2.1.19, as used in Apple Mac OS 10.3.4 and 10.3.5 and possibly other operating systems, may allow certain authentication schemes to use hashed (crypt) passwords in the userPassword attribute as if they were plaintext passwords, which allows remote attackers…

  • CVE-2003-1201 (Mar 20, 2003)
    risk 0.00 cvss epss 0.03

    ldbm_back_exop_passwd in the back-ldbm backend in passwd.c for OpenLDAP 2.1.12 and earlier, when the slap_passwd_parse function does not return LDAP_SUCCESS, attempts to free an uninitialized pointer, which allows remote attackers to cause a denial of service (segmentation…

  • CVE-2002-1508 (Feb 19, 2003)
    risk 0.00 cvss epss 0.00

    slapd in OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allows local users to overwrite arbitrary files via a race condition during the creation of a log file for rejected replication requests.

  • CVE-2002-1379 (Jan 2, 2003)
    risk 0.00 cvss epss 0.03

    OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allows remote or local attackers to execute arbitrary code when libldap reads the .ldaprc file within applications that are running with extra privileges.

  • CVE-2002-0045 (Jan 31, 2002)
    risk 0.00 cvss epss 0.02

    slapd in OpenLDAP 2.0 through 2.0.19 allows local users, and anonymous users before 2.0.8, to conduct a "replace" action on access controls without any values, which causes OpenLDAP to delete non-mandatory attributes that would otherwise be protected by ACLs.

  • CVE-2001-0977 (Jul 16, 2001)
    risk 0.00 cvss epss 0.04

    slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remote attackers to cause a denial of service (crash) via an invalid Basic Encoding Rules (BER) length field.