Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat directory server 8.0 vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2008-1677
Buffer overflow in the regular expression handler in Red Hat Directory Server 8.0 and 7.1 before SP6 allows remote malicious users to cause a denial of service (slapd crash) and possibly execute arbitrary code via a crafted LDAP query that triggers the overflow during translation...
Redhat Directory Server 7.1
Redhat Directory Server 8.0
Redhat Fedora Directory Server 1.1
383
VMScore
CVE-2008-2929
Multiple cross-site scripting (XSS) vulnerabilities in the adminutil library in the Directory Server Administration Express and Directory Server Gateway (DSGW) web interface in Red Hat Directory Server 7.1 before SP7 and 8 EL4 and EL5, and Fedora Directory Server, allow remote ma...
Redhat Directory Server 8.0
Redhat Directory Server 7.1
Fedora Directory Server
169
VMScore
CVE-2010-3282
389 Directory Server prior to 1.2.7.1 (aka Red Hat Directory Server 8.2) and HP-UX Directory Server before B.08.10.03, when audit logging is enabled, logs the Directory Manager password (nsslapd-rootpw) in cleartext when changing cn=config:nsslapd-rootpw, which might allow local ...
Hp Hp-ux Directory Server
Redhat Redhat Directory Server
Fedoraproject 389 Directory Server
Redhat Directory Server 8.0
356
VMScore
CVE-2013-4485
389 Directory Server 1.2.11.15 (aka Red Hat Directory Server prior to 8.2.11-14) allows remote authenticated users to cause a denial of service (crash) via multiple @ characters in a GER attribute list in a search request.
Redhat Enterprise Linux 6.0
Redhat Directory Server
Redhat Directory Server 8.1
Redhat Directory Server 7.1
Redhat Directory Server 8.0
Fedoraproject 389 Directory Server 1.2.11.15
445
VMScore
CVE-2010-2222
The _ger_parse_control function in Red Hat Directory Server 8 and the 389 Directory Server allows malicious users to cause a denial of service (NULL pointer dereference) via a crafted search query.
Redhat Directory Server 8.0
Redhat 389 Directory Server -
187
VMScore
CVE-2010-2241
The (1) setup-ds.pl and (2) setup-ds-admin.pl setup scripts for Red Hat Directory Server 8 prior to 8.2 use world-readable permissions when creating cache files, which allows local users to obtain sensitive information including passwords for Directory and Administration Server a...
Redhat Directory Server 8.1
Redhat Directory Server 8.0
694
VMScore
CVE-2008-3283
Multiple memory leaks in Red Hat Directory Server 7.1 before SP7, Red Hat Directory Server 8, and Fedora Directory Server 1.1.1 and previous versions allow remote malicious users to cause a denial of service (memory consumption) via vectors involving (1) the authentication / bind...
Redhat Directory Server 7.1
Redhat Directory Server 8.0
Fedora Directory Server 1.1.1
715
VMScore
CVE-2008-2930
Red Hat Directory Server 7.1 before SP7, Red Hat Directory Server 8, and Fedora Directory Server 1.1.1 allow remote malicious users to cause a denial of service (CPU consumption and search outage) via crafted LDAP search requests with patterns, related to a single-threaded regula...
Redhat Directory Server 7.1
Redhat Directory Server 8.0
Fedora Directory Server 1.1.1
1 EDB exploit
445
VMScore
CVE-2020-35518
When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be used by an unauthenticated malicious user to check the existence of an entry in the LDAP database.
Redhat 389 Directory Server
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Redhat Directory Server 11.0
187
VMScore
CVE-2008-0889
Red Hat Directory Server 8.0, when running on Red Hat Enterprise Linux, uses insecure permissions for the redhat-idm-console script, which allows local users to execute arbitrary code by modifying the script.
Redhat Directory Server 8.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »