Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4
CVSSv2

CVE-2014-9713

Published: 01/04/2015 Updated: 22/12/2016
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
VMScore: 356
Vector: AV:N/AC:L/Au:S/C:N/I:P/A:N
Subscribe to Openldap

Vulnerability Summary

The default slapd configuration in the Debian openldap package 2.4.23-3 up to and including 2.4.39-1.1 allows remote authenticated users to modify the user's permissions and other user attributes via unspecified vectors.

Vulnerable Product Search on Vulmon Subscribe to Product

openldap openldap 2.4.23

openldap openldap 2.4.30

openldap openldap 2.4.24

openldap openldap 2.4.25

openldap openldap 2.4.32

openldap openldap 2.4.33

openldap openldap 2.4.26

openldap openldap 2.4.27

openldap openldap 2.4.34

openldap openldap 2.4.35

openldap openldap 2.4.31

openldap openldap 2.4.39

openldap openldap 2.4.28

openldap openldap 2.4.29

openldap openldap 2.4.36

openldap openldap 2.4.37

openldap openldap 2.4.38

debian debian linux 7.0

Vendor Advisories

Ubuntu Security Notice: openldap vulnerabilities
Several security issues were fixed in OpenLDAP ...
Debian CVElist Bug Report Logs: openldap: CVE-2015-1545: crashes on search with deref control and empty attr list
Debian Bug report logs - #776988 openldap: CVE-2015-1545: crashes on search with deref control and empty attr list Package: slapd; Maintainer for slapd is Debian OpenLDAP Maintainers <pkg-openldap-devel@listsaliothdebianorg>; Source for slapd is src:openldap (PTS, buildd, popcon) Reported by: Ryan Tandy <ryan@nardisca ...
Debian CVElist Bug Report Logs: slapd: CVE-2014-9713: dangerous access rule in default config
Debian Bug report logs - #761406 slapd: CVE-2014-9713: dangerous access rule in default config Package: slapd; Maintainer for slapd is Debian OpenLDAP Maintainers <pkg-openldap-devel@listsaliothdebianorg>; Source for slapd is src:openldap (PTS, buildd, popcon) Reported by: Dietrich Clauss <dietrich@clauss-itcom> ...
Debian Security Advisories: DSA-3209-1 openldap -- security update
Multiple vulnerabilities were found in OpenLDAP, a free implementation of the Lightweight Directory Access Protocol CVE-2013-4449 Michael Vishchers from Seven Principles AG discovered a denial of service vulnerability in slapd, the directory server implementation When the server is configured to used the RWM overlay, an attacker ...

References

CWE-264https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=761406http://www.openwall.com/lists/oss-security/2015/03/29/2http://www.debian.org/security/2015/dsa-3209http://www.securityfocus.com/bid/73217http://www.ubuntu.com/usn/USN-2742-1https://usn.ubuntu.com/2742-1/https://nvd.nist.gov
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671unauthorizedCVE-2024-4776CVE-2024-3407CVE-2024-26026CVE-2024-32888wirelessCVE-2024-4656template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook