Vulmon
openldap vulnerabilities and exploits
4.6
CVSSv2
CVE-2004-1997
Kolab stores OpenLDAP passwords in plaintext in the slapd.conf file, which may be installed world-readable, which allows local users to gain privileges.
Kolab Kolab Groupware Server 1.0.7
Kolab Kolab Groupware Server 1.0.8
Kolab Kolab Groupware Server 1.0.5
Kolab Kolab Groupware Server 1.0.6
Kolab Kolab Groupware Server 1.0
Openpkg Openpkg 2.0
Kolab Kolab Groupware Server 1.0.1
Kolab Kolab Groupware Server 1.0.3
10
CVSSv2
CVE-2000-0747
The logrotate script for OpenLDAP prior to 1.2.11 in Conectiva Linux sends an improper signal to the kernel log daemon (klogd) and kills it.
Conectiva Linux 5.0
Conectiva Linux 4.1
Conectiva Linux 4.2
5
CVSSv2
CVE-2019-20902
Upgrading Crowd via XML Data Transfer can reactivate a disabled user from OpenLDAP. Affected versions are those before 3.4.6 and those from 3.5.0 before 3.5.1.
Atlassian Crowd
4.3
CVSSv2
CVE-2013-5185
The ldapsearch command-line program in OpenLDAP in Apple Mac OS X prior to 10.9 does not properly process the minssf configuration setting, which allows remote malicious users to obtain sensitive information by leveraging unintended weak encryption and sniffing the network.
Apple Mac Os X
Apple Mac Os X 10.8.0
Apple Mac Os X 10.8.1
Apple Mac Os X 10.8.2
Apple Mac Os X 10.8.3
Apple Mac Os X 10.8.4
Apple Mac Os X 10.8.5
4.9
CVSSv2
CVE-2008-2330
slapconfig in Directory Services in Apple Mac OS X 10.5 up to and including 10.5.4 allows local users to select a readable output file into which the server password will be written by an OpenLDAP system administrator, related to the mkfifo function, aka an "insecure file op...
Apple Mac Os X Server 10.5.2
Apple Mac Os X Server 10.5.4
Apple Mac Os X Server 10.4.11
Apple Mac Os X Server 10.5
Apple Mac Os X Server 10.5.1
Apple Mac Os X Server 10.5.3
4.6
CVSSv2
CVE-2007-0476
The gencert.sh script, when installing OpenLDAP prior to 2.1.30-r10, 2.2.x prior to 2.2.28-r7, and 2.3.x prior to 2.3.30-r2 as an ebuild in Gentoo Linux, does not create temporary directories in /tmp securely during emerge, which allows local users to overwrite arbitrary files vi...
Gentoo Linux 2.2.28
Gentoo Linux 2.3.30
Gentoo Linux 2.1.30
5
CVSSv2
CVE-2009-1417
gnutls-cli in GnuTLS prior to 2.6.6 does not verify the activation and expiration times of X.509 certificates, which allows remote malicious users to successfully present a certificate that is (1) not yet valid or (2) no longer valid, related to lack of time checks in the _gnutls...
Gnu Gnutls 1.0.22
Gnu Gnutls 1.0.23
Gnu Gnutls 1.0.24
Gnu Gnutls 1.1.21
Gnu Gnutls 1.1.20
Gnu Gnutls 1.1.15
Gnu Gnutls 1.0.25
Gnu Gnutls 1.2.3
Gnu Gnutls 1.2.2
Gnu Gnutls 1.3.4
Gnu Gnutls 1.2.7
Gnu Gnutls 1.5.0
Gnu Gnutls 1.4.4
Gnu Gnutls 1.6.2
Gnu Gnutls 1.5.5
Gnu Gnutls 1.7.14
Gnu Gnutls 1.7.15
Gnu Gnutls 1.0.18
Gnu Gnutls 1.0.19
Gnu Gnutls 1.1.19
Gnu Gnutls 1.1.16
Gnu Gnutls 1.2.1
5
CVSSv2
CVE-2019-19906
cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. The OpenLDAP crash is ultimately caused by an off-by-one error in _sasl_add_string in common.c in cyrus-sasl.
Cyrusimap Cyrus-sasl
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Jboss Enterprise Web Server 2.0.0
Redhat Enterprise Linux 5.0
Redhat Enterprise Linux 8.0
Apple Mac Os X 10.14.6
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Update Services For Sap Solutions 8.4
Redhat Enterprise Linux For Power Little Endian 8.0
2.1
CVSSv2
CVE-2008-3539
Unspecified vulnerability in HP OpenView Select Identity (HPSI) Connectors on Windows, as used in HPSI Active Directory Connector 2.30 and previous versions, HPSI SunOne Connector 1.14 and previous versions, HPSI eDirectory Connector 1.12 and previous versions, HPSI eTrust Connec...
Hp Hpsi Active Directory Connector
Hp Hpsi Edirectory Connector
Hp Hpsi Openldap Connector
Hp Hpsi Bidir Dirx Connector
Hp Ibm Tivoli Dir Connector
Hp Hpsi Topsecret Connector
Hp Hpsi Etrust Connector
Hp Hpsi Oid Connector
Hp Hpsi Sunone Connector
Hp Hpsi Racf Connector
Hp Hpsi Acf2 Connector
2.6
CVSSv2
CVE-2006-1721
digestmd5.c in the CMU Cyrus Simple Authentication and Security Layer (SASL) library 2.1.18, and possibly other versions prior to 2.1.21, allows remote unauthenticated malicious users to cause a denial of service (segmentation fault) via malformed inputs in DIGEST-MD5 negotiation...
Cyrus Sasl 2.1.18 R1
Cyrus Sasl 2.1.18 R2
Cyrus Sasl 2.1.19
Cyrus Sasl 2.1.20
Cyrus Sasl 2.1.18