Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
directory server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2001-0164
Buffer overflow in Netscape Directory Server 4.12 and previous versions allows remote malicious users to cause a denial of service or execute arbitrary commands via a malformed recipient field.
Netscape Directory Server
NA
CVE-2008-0890
Red Hat Directory Server 7.1 before SP4 uses insecure permissions for certain directories, which allows local users to modify JAR files and execute arbitrary code via unknown vectors.
Redhat Directory Server
5.3
CVSSv3
CVE-2020-35518
When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be used by an unauthenticated malicious user to check the existence of an entry in the LDAP database.
Redhat 389 Directory Server
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Redhat Directory Server 11.0
NA
CVE-2008-2928
Multiple buffer overflows in the adminutil library in CGI applications in Red Hat Directory Server 7.1 before SP7 allow remote malicious users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted Accept-Language HTTP header.
Redhat Directory Server 7.1
NA
CVE-2001-1306
iPlanet Directory Server 4.1.4 and previous versions (LDAP) allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via invalid BER length of length fields, as demonstrated by the PROTOS LDAPv3 test suite.
Sun Iplanet Directory Server
7.5
CVSSv3
CVE-2019-4540
IBM Security Directory Server 6.4.0 uses weaker than expected cryptographic algorithms that could allow an malicious user to decrypt highly sensitive information. IBM X-Force ID: 165813.
Ibm Security Directory Server
7.2
CVSSv3
CVE-2019-4541
IBM Security Directory Server 6.4.0 uses incomplete blacklisting for input validation which allows malicious users to bypass application controls resulting in direct impact to the system and data integrity. IBM X-Force ID: 165814.
Ibm Security Directory Server
6.1
CVSSv3
CVE-2019-4548
IBM Security Directory Server 6.4.0 could allow a remote malicious user to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly lau...
Ibm Security Directory Server
5.3
CVSSv3
CVE-2019-4550
IBM Security Directory Server 6.4.0 is deployed with active debugging code that can create unintended entry points. IBM X-Force ID: 165952.
Ibm Security Directory Server
5.3
CVSSv3
CVE-2019-4562
IBM Security Directory Server 6.4.0 stores sensitive information in URLs. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referer header or browser history. IBM X-Force ID: 166623.
Ibm Security Directory Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »