openldap openldap vulnerabilities and exploits
NA
CVE-2007-0476
The gencert.sh script, when installing OpenLDAP prior to 2.1.30-r10, 2.2.x prior to 2.2.28-r7, and 2.3.x prior to 2.3.30-r2 as an ebuild in Gentoo Linux, does not create temporary directories in /tmp securely during emerge, which allows local users to overwrite arbitrary files vi...
Gentoo Linux 2.2.28
Gentoo Linux 2.3.30
Gentoo Linux 2.1.30
NA
CVE-2006-6493
Buffer overflow in the krbv4_ldap_auth function in servers/slapd/kerberos.c in OpenLDAP 2.4.3 and previous versions, when OpenLDAP is compiled with the --enable-kbind (Kerberos KBIND) option, allows remote malicious users to execute arbitrary code via an LDAP bind request using t...
Openldap Openldap 1.0.3
Openldap Openldap 1.1
Openldap Openldap 1.1.0
Openldap Openldap 1.2.1
Openldap Openldap 1.2.10
Openldap Openldap 1.2.5
Openldap Openldap 1.2.6
Openldap Openldap 2.0.11
Openldap Openldap 2.0.11 11
Openldap Openldap 2.0.16
Openldap Openldap 2.0.17
Openldap Openldap 2.0.23
Openldap Openldap 2.0.24
Openldap Openldap 2.0.7
Openldap Openldap 2.0.8
Openldap Openldap 2.1.15
Openldap Openldap 2.1.16
Openldap Openldap 2.1.22
Openldap Openldap 2.1.23
Openldap Openldap 2.1.30
Openldap Openldap 2.1.4
Openldap Openldap 2.2.0
1 EDB exploit
NA
CVE-2006-4600
slapd in OpenLDAP prior to 2.3.25 allows remote authenticated users with selfwrite Access Control List (ACL) privileges to modify arbitrary Distinguished Names (DN).
Openldap Openldap 2.0.20
Openldap Openldap 2.0.23
Openldap Openldap 2.0.24
Openldap Openldap 2.0.21
Openldap Openldap 2.0.22
NA
CVE-2006-1470
OpenLDAP in Apple Mac OS X 10.4 up to 10.4.6 allows remote malicious users to cause a denial of service (crash) via an invalid LDAP request that triggers an assert error.
Apple Mac Os X 10.4.3
Apple Mac Os X 10.4.4
Apple Mac Os X Server 10.4.4
Apple Mac Os X Server 10.4.5
Apple Mac Os X 10.4.1
Apple Mac Os X 10.4.2
Apple Mac Os X Server 10.4.2
Apple Mac Os X Server 10.4.3
Apple Mac Os X 10.4.5
Apple Mac Os X 10.4.6
Apple Mac Os X Server 10.4.6
Apple Mac Os X 10.4
Apple Mac Os X Server 10.4
Apple Mac Os X Server 10.4.1
1 EDB exploit
NA
CVE-2006-2754
Stack-based buffer overflow in st.c in slurpd for OpenLDAP prior to 2.3.22 might allow malicious users to execute arbitrary code via a long hostname.
Openldap Openldap 2.2.14
Openldap Openldap 2.2.15
Openldap Openldap 2.2.16
Openldap Openldap 2.2.17
Openldap Openldap 2.2.11
Openldap Openldap 2.2.12
Openldap Openldap 2.2.13
Openldap Openldap 2.2.20
Openldap Openldap 2.2.21
Openldap Openldap 2.2.1
Openldap Openldap 2.2.18
Openldap Openldap 2.2.19
NA
CVE-2006-1721
digestmd5.c in the CMU Cyrus Simple Authentication and Security Layer (SASL) library 2.1.18, and possibly other versions prior to 2.1.21, allows remote unauthenticated malicious users to cause a denial of service (segmentation fault) via malformed inputs in DIGEST-MD5 negotiation...
Cyrus Sasl 2.1.18 R1
Cyrus Sasl 2.1.18 R2
Cyrus Sasl 2.1.19
Cyrus Sasl 2.1.20
Cyrus Sasl 2.1.18
NA
CVE-2005-4442
Untrusted search path vulnerability in OpenLDAP prior to 2.2.28-r3 on Gentoo Linux allows local users in the portage group to gain privileges via a malicious shared object in the Portage temporary build directory, which is part of the RUNPATH.
Openldap Openldap 2.0.13
Openldap Openldap 2.0.15
Openldap Openldap 2.0.21
Openldap Openldap 2.0.23
Openldap Openldap 2.0.3
Openldap Openldap 2.0.5
Openldap Openldap 2.1.12
Openldap Openldap 2.1.14
Openldap Openldap 2.1.20
Openldap Openldap 2.1.22
Openldap Openldap 2.1.27
Openldap Openldap 2.1.29
Openldap Openldap 2.1.8
Openldap Openldap 2.2.10
Openldap Openldap 2.2.17
Openldap Openldap 2.2.19
Openldap Openldap 2.2.24
Openldap Openldap 2.2.26
Openldap Openldap 2.2.9
Openldap Openldap 2.0.12
Openldap Openldap 2.0.14
Openldap Openldap 2.0.16
NA
CVE-2005-2641
Unknown vulnerability in pam_ldap prior to 180 does not properly handle a new password policy control, which could allow malicious users to gain privileges. NOTE: CVE-2005-2497 had also been assigned to this issue, but CVE-2005-2641 is the correct candidate.
Padl Software Pam Ldap
NA
CVE-2005-2069
pam_ldap and nss_ldap, when used with OpenLDAP and connecting to a slave using TLS, do not use TLS for the subsequent connection if the client is referred to a master, which may cause a password to be sent in cleartext and allows remote malicious users to sniff the password.
Padl Nss Ldap -
Padl Pam Ldap -
NA
CVE-2004-1880
Memory leak in the back-bdb backend for OpenLDAP 2.1.12 and previous versions allows remote malicious users to cause a denial of service (memory consumption).
Openldap Openldap 1.0
Openldap Openldap 1.1.1
Openldap Openldap 1.1.3
Openldap Openldap 1.2.0
Openldap Openldap 1.2.13
Openldap Openldap 1.2.3
Openldap Openldap 2.0.0
Openldap Openldap 2.0.10
Openldap Openldap 2.0.17
Openldap Openldap 2.0.19
Openldap Openldap 2.0.23
Openldap Openldap 1.0.1
Openldap Openldap 1.0.2
Openldap Openldap 1.0.3
Openldap Openldap 1.1.0
Openldap Openldap 1.2.5
Openldap Openldap 1.2.6
Openldap Openldap 1.2.7
Openldap Openldap 1.2.8
Openldap Openldap 2.0.2
Openldap Openldap 2.0.20
Openldap Openldap 2.0.21