Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pam ldap vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2005-2641
Unknown vulnerability in pam_ldap prior to 180 does not properly handle a new password policy control, which could allow malicious users to gain privileges. NOTE: CVE-2005-2497 had also been assigned to this issue, but CVE-2005-2641 is the correct candidate.
Padl Software Pam Ldap
890
VMScore
CVE-2003-0734
Unknown vulnerability in the pam_filter mechanism in pam_ldap before version 162, when LDAP based authentication is being used, allows users to bypass host-based access restrictions and log onto the system.
Padl Software Pam Ldap
668
VMScore
CVE-2002-0374
Format string vulnerability in the logging function for the pam_ldap PAM LDAP module before version 144 allows malicious users to execute arbitrary code via format strings in the configuration file name.
Padl Software Pam Ldap
668
VMScore
CVE-2002-0735
Format string vulnerability in the logging() function in C-Note Squid LDAP authentication module (squid_auth_LDAP) 2.0.2 and previous versions allows remote malicious users to cause a denial of service and possibly execute arbitrary code by triggering log messages.
Padl Software Nss Ldap Build 184
Padl Software Nss Ldap Build 185
Padl Software Nss Ldap Build 189
Padl Software Pam Ldap Build 143
Padl Software Nss Ldap Build 181
Padl Software Nss Ldap Build 183
Padl Software Nss Ldap Build 187
Padl Software Nss Ldap Build 188
C-note Squid Auth Ldap 1.2 B2
C-note Squid Auth Ldap 2.0
Padl Software Nss Ldap Build 180
Padl Software Nss Ldap Build 185.3
Padl Software Nss Ldap Build 186
C-note Squid Auth Ldap 1.0.1
C-note Squid Auth Ldap 1.0.2 Beta
Padl Software Nss Ldap Build 185.1
Padl Software Nss Ldap Build 185.2
605
VMScore
CVE-2013-0288
nss-pam-ldapd prior to 0.7.18 and 0.8.x prior to 0.8.11 allows context-dependent malicious users to cause a denial of service (application crash) and possibly execute arbitrary code by performing a name lookup on an application with a large number of open file descriptors, which ...
Arthurdejong Nss-pam-ldapd 0.8.2
Arthurdejong Nss-pam-ldapd 0.8.9
Arthurdejong Nss-pam-ldapd 0.8.7
Arthurdejong Nss-pam-ldapd 0.8.1
Arthurdejong Nss-pam-ldapd 0.8.5
Arthurdejong Nss-pam-ldapd 0.8.3
Arthurdejong Nss-pam-ldapd 0.8.0
Arthurdejong Nss-pam-ldapd 0.8.10
Arthurdejong Nss-pam-ldapd 0.8.4
Arthurdejong Nss-pam-ldapd 0.8.6
Arthurdejong Nss-pam-ldapd 0.8.8
Arthurdejong Nss-pam-ldapd 0.2.1
Arthurdejong Nss-pam-ldapd 0.6.10
Arthurdejong Nss-pam-ldapd 0.6.5
Arthurdejong Nss-pam-ldapd 0.7.10
Arthurdejong Nss-pam-ldapd 0.7.7
Arthurdejong Nss-pam-ldapd 0.7.15
Arthurdejong Nss-pam-ldapd 0.6.8
Arthurdejong Nss-pam-ldapd 0.6.7.1
Arthurdejong Nss-pam-ldapd 0.7.8
Arthurdejong Nss-pam-ldapd 0.6.0
Arthurdejong Nss-pam-ldapd 0.2
605
VMScore
CVE-2011-0438
nslcd/pam.c in the nss-pam-ldapd 0.8.0 PAM module returns a success code when a user is not found in LDAP, which allows remote malicious users to bypass authentication.
Arthurdejong Nss-pam-ldapd 0.8.0
445
VMScore
CVE-2005-2069
pam_ldap and nss_ldap, when used with OpenLDAP and connecting to a slave using TLS, does not use TLS for the subsequent connection if the client is referred to a master, which may cause a password to be sent in cleartext and allows remote malicious users to sniff the password.
Padl Nss Ldap -
Padl Pam Ldap -
NA
CVE-2024-5072
Improper input validation in PAM JIT elevation feature in Devolutions Server 2024.1.11.0 and previous versions allows an authenticated user with access to the PAM JIT elevation feature to manipulate the LDAP filter query via a specially crafted request.
383
VMScore
CVE-2017-11501
NixOS 17.03 and previous versions has an unintended default absence of SSL Certificate Validation for LDAP. The users.ldap NixOS module implements user authentication against LDAP servers via a PAM module. It was found that if TLS is enabled to connect to the LDAP server with use...
Nixos Project Nixos
890
VMScore
CVE-2016-0693
Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows remote malicious users to affect confidentiality, integrity, and availability via vectors related to the PAM LDAP module.
Oracle Solaris 11.3
Oracle Solaris 10
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »