Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
directory server vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2019-4541
IBM Security Directory Server 6.4.0 uses incomplete blacklisting for input validation which allows malicious users to bypass application controls resulting in direct impact to the system and data integrity. IBM X-Force ID: 165814.
Ibm Security Directory Server
5.3
CVSSv3
CVE-2019-4551
IBM Security Directory Server 6.4.0 does not perform an authentication check for a critical resource or functionality allowing anonymous users access to protected areas. IBM X-Force ID: 165953.
Ibm Security Directory Server
5.3
CVSSv3
CVE-2019-4562
IBM Security Directory Server 6.4.0 stores sensitive information in URLs. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referer header or browser history. IBM X-Force ID: 166623.
Ibm Security Directory Server
NA
CVE-2013-0312
389 Directory Server prior to 1.3.0.4 allows remote malicious users to cause a denial of service (crash) via a zero length LDAP control sequence.
Fedoraproject 389 Directory Server
4.6
CVSSv3
CVE-2019-10224
A flaw has been found in 389-ds-base versions 1.4.x.x prior to 1.4.1.3. When executed in verbose mode, the dscreate and dsconf commands may display sensitive information, such as the Directory Manager password. An attacker, able to see the screen or record the terminal standard e...
Fedoraproject 389 Directory Server
NA
CVE-2008-2928
Multiple buffer overflows in the adminutil library in CGI applications in Red Hat Directory Server 7.1 before SP7 allow remote malicious users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted Accept-Language HTTP header.
Redhat Directory Server 7.1
NA
CVE-2001-1306
iPlanet Directory Server 4.1.4 and previous versions (LDAP) allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via invalid BER length of length fields, as demonstrated by the PROTOS LDAPv3 test suite.
Sun Iplanet Directory Server
NA
CVE-2001-1307
Buffer overflows in iPlanet Directory Server 4.1.4 and previous versions (LDAP) allow remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite.
Sun Iplanet Directory Server
NA
CVE-2001-1308
Format string vulnerabilities in iPlanet Directory Server 4.1.4 and previous versions (LDAP) allow remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite.
Sun Iplanet Directory Server
9.1
CVSSv3
CVE-2022-33164
IBM Security Directory Server 7.2.0 could allow a remote malicious user to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view or write to arbitrary files on the system. IBM X-Force ID:...
Ibm Security Directory Server 7.2.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »