Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Openldap
(Openldap)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 59 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2003-01-02 | CVE-2002-1378 | Multiple buffer overflows in OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allow remote attackers to execute arbitrary code via (1) long -t or -r parameters to slurpd, (2) a malicious ldapfilter.conf file that is not properly handled by getfilter functions, (3) a malicious ldaptemplates.conf that causes an overflow in libldap, (4) a certain access control list that causes an overflow in slapd, or (5) a long generated filename for logging rejected replication requests. | Openldap | N/A | ||
| 2002-01-31 | CVE-2002-0045 | slapd in OpenLDAP 2.0 through 2.0.19 allows local users, and anonymous users before 2.0.8, to conduct a "replace" action on access controls without any values, which causes OpenLDAP to delete non-mandatory attributes that would otherwise be protected by ACLs. | Openldap, Linux | N/A | ||
| 2001-07-16 | CVE-2001-0977 | slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remote attackers to cause a denial of service (crash) via an invalid Basic Encoding Rules (BER) length field. | Debian_linux, Mandrake_linux, Mandrake_linux_corporate_server, Mandrake_single_network_firewall, Openldap, Linux | N/A | ||
| 2000-10-20 | CVE-2000-0748 | OpenLDAP 1.2.11 and earlier improperly installs the ud binary with group write permissions, which could allow any user in that group to replace the binary with a Trojan horse. | Openldap | N/A | ||
| 2000-04-21 | CVE-2000-0336 | Linux OpenLDAP server allows local users to modify arbitrary files via a symlink attack. | Mandrake_linux, Openldap, Linux, Turbolinux | N/A |