Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 05/09/2017 Updated: 13/06/2022

CVSS v2 Base Score: 1.9 | Impact Score: 2.9 | Exploitability Score: 3.4

CVSS v3 Base Score: 4.7 | Impact Score: 3.6 | Exploitability Score: 1

VMScore: 170

Vector: AV:L/AC:M/Au:N/C:N/I:N/A:P

slapd in OpenLDAP 2.4.45 and previous versions creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill `cat /pathname`" command, as demonstrated by openldap-initscript.

Vulnerable Product	Search on Vulmon	Subscribe to Product
openldap openldap
oracle blockchain platform

CWE-665 http://www.openldap.org/its/index.cgi?findid=8703 https://www.oracle.com/security-alerts/cpuapr2022.html https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2017-14159

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect