Download
| Alert*
|
oval:org.secpod.oval:def:602228
Denis Andzakovic discovered that OpenLDAP, a free implementation of the Lightweight Directory Access Protocol, does not properly handle BER data. An unauthenticated remote attacker can use this flaw to cause a denial of service via a specially crafted packet. oval:org.secpod.oval:def:32288 The host is installed with Apple Mac OS X or Server 10.11.x before 10.11.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted BER data. Successful exploitation could allow remote attackers to cause a denial of service (re ... oval:org.secpod.oval:def:1501180 OpenLDAP is an open source suite of Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. The openldap package contains configuration files, libraries, and docum ... oval:org.secpod.oval:def:501660 OpenLDAP is an open source suite of Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. The openldap package contains configuration files, libraries, and docum ... oval:org.secpod.oval:def:52574 openldap: OpenLDAP utilities Several security issues were fixed in OpenLDAP. oval:org.secpod.oval:def:1501181 OpenLDAP is an open source suite of Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. The openldap package contains configuration files, libraries, and docum ... oval:org.secpod.oval:def:203737 OpenLDAP is an open source suite of Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. The openldap package contains configuration files, libraries, and docum ... oval:org.secpod.oval:def:203736 OpenLDAP is an open source suite of Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. The openldap package contains configuration files, libraries, and docum ... oval:org.secpod.oval:def:203735 OpenLDAP is an open source suite of Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. The openldap package contains configuration files, libraries, and docum ... oval:org.secpod.oval:def:1501179 OpenLDAP is an open source suite of Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. The openldap package contains configuration files, libraries, and docum ... oval:org.secpod.oval:def:1200169 A flaw was found in the way the OpenLDAP server daemon parsed certain Basic Encoding Rules data. A remote attacker could use this flaw to crash slapd via a specially crafted packet oval:org.secpod.oval:def:89045185 This update fixes the following security issue: - CVE-2015-6908. Passing a crafted packet to the function ber_get_next, an attacker may cause a remote denial of service, crashing the OpenLDAP server . oval:org.secpod.oval:def:702746 openldap: OpenLDAP utilities Several security issues were fixed in OpenLDAP. oval:org.secpod.oval:def:400696 This update fixes the following security issues: - CVE-2015-6908: The ber_get_next function allowed remote attackers to cause a denial of service via crafted BER data, as demonstrated by an attack against slapd. - CVE-2015-4000: Fix weak Diffie-Hellman size vulnerability. It also fixes the follow ... oval:org.secpod.oval:def:702087 The host is missing a security update according to Apple advisory, APPLE-SA-2015-12-08-3. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code, dis ... |
