Download
| Alert*
oval:org.secpod.oval:def:500121
OpenLDAP is an open source suite of LDAP applications and development tools. A flaw was found in the way OpenLDAP handled authentication failures being passed from an OpenLDAP slave to the master. If OpenLDAP was configured with a chain overlay and it forwarded authentication failures, OpenLDAP wou ... oval:org.secpod.oval:def:200446 OpenLDAP is an open source suite of LDAP applications and development tools. A flaw was found in the way OpenLDAP handled authentication failures being passed from an OpenLDAP slave to the master. If OpenLDAP was configured with a chain overlay and it forwarded authentication failures, OpenLDAP wou ... oval:org.secpod.oval:def:1503569 Updated openldap packages that fix three security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are availabl ... oval:org.secpod.oval:def:201471 OpenLDAP is an open source suite of LDAP applications and development tools. A flaw was found in the way OpenLDAP handled authentication failures being passed from an OpenLDAP slave to the master. If OpenLDAP was configured with a chain overlay and it forwarded authentication failures, OpenLDAP wou ... oval:org.secpod.oval:def:500223 OpenLDAP is an open source suite of LDAP applications and development tools. A flaw was found in the way OpenLDAP handled authentication failures being passed from an OpenLDAP slave to the master. If OpenLDAP was configured with a chain overlay and it forwarded authentication failures, OpenLDAP wou ... oval:org.secpod.oval:def:106492 openldap is installed oval:org.secpod.oval:def:1800073 openldap is installed oval:org.secpod.oval:def:1800183 servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to a double free vulnerability. A user with access to search the directory can crash slapd by issuing a search including the Paged Results control with a page size of 0. Reference: Patch: oval:org.secpod.oval:def:1800861 servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to a double free vulnerability. A user with access to search the directory can crash slapd by issuing a search including the Paged Results control with a page size of 0. Reference Patch oval:org.secpod.oval:def:1800072 servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to a double free vulnerability. A user with access to search the directory can crash slapd by issuing a search including the Paged Results control with a page size of 0. Reference:¶ Patch:¶ oval:org.secpod.oval:def:1601295 A denial of service flaw was found in the way the OpenLDAP server daemon processed certain search queries requesting only attributes and no values. In certain configurations, a remote attacker could issue a specially-crafted LDAP search query that, when processed by slapd, would cause slapd to cras ... oval:org.secpod.oval:def:1802046 In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service . oval:org.secpod.oval:def:204685 OpenLDAP is an open-source suite of Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. The openldap packages contain configuration files, libraries, and docum ... oval:org.secpod.oval:def:506033 OpenLDAP is an open-source suite of Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. Security Fix: * openldap: NULL pointer dereference for unauthenticated ... oval:org.secpod.oval:def:1601534 In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement within an LDAP query. This can occur during an LDAP search operation when the search filter is processed, due to a lack of proper escaping oval:org.secpod.oval:def:1601338 It was found that the OpenLDAP server daemon ignored olcTLSCipherSuite settings. This resulted in the default cipher suite always being used, which could lead to weaker than expected ciphers being accepted during Transport Layer Security negotiation with OpenLDAP clients oval:org.secpod.oval:def:111972 OpenLDAP is an open source suite of LDAP applications and development tools. LDAP is a set of protocols for accessing directory services over the Internet, similar to the way DNS information is propagated over the Internet. The openldap package contains configuration files, libraries, and documen ... oval:org.secpod.oval:def:1600508 A flaw was found in the way OpenLDAP parsed OpenSSL-style cipher strings. As a result, OpenLDAP could potentially use ciphers that were not intended to be enabled. oval:org.secpod.oval:def:204248 OpenLDAP is an open-source suite of Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. The openldap packages contain configuration files, libraries, and docum ... oval:org.secpod.oval:def:1501238 The remote host is missing a patch containing a security fix, which affects the following package(s): openldap oval:org.secpod.oval:def:501710 OpenLDAP is an open-source suite of Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. The openldap packages contain configuration files, libraries, and docum ... oval:org.secpod.oval:def:19500012 In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion ...NOTE: https://bugs.openldap.org/show_bug.cgi?id=9454NOTE: trunk: https://git.openldap.org/openldap/openldap/-/commit/3539fc33212b528c56b716584f2c2994af7c30b0NOTE: REL_ENG 2.4.x: https://git.openldap.org/openldap/openldap/-/comm ... oval:org.secpod.oval:def:202390 OpenLDAP is an open source suite of LDAP applications and development tools. A denial of service flaw was found in the way the OpenLDAP server daemon processed certain search queries requesting only attributes and no values. In certain configurations, a remote attacker could issue a specially-craf ... oval:org.secpod.oval:def:202420 OpenLDAP is an open source suite of LDAP applications and development tools. It was found that the OpenLDAP server daemon ignored olcTLSCipherSuite settings. This resulted in the default cipher suite always being used, which could lead to weaker than expected ciphers being accepted during Transport ... oval:org.secpod.oval:def:1601642 In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement within an LDAP query. This can occur during an LDAP search operation when the search filter is processed, due to a lack of proper escaping oval:org.secpod.oval:def:1503798 Updated openldap packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is av ... oval:org.secpod.oval:def:1500368 Updated openldap packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, ... oval:org.secpod.oval:def:106491 OpenLDAP is an open source suite of LDAP applications and development tools. LDAP is a set of protocols for accessing directory services over the Internet, similar to the way DNS information is propagated over the Internet. The openldap package contains configuration files, libraries, and documen ... oval:org.secpod.oval:def:1600037 The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not properly count references, which allows remote attackers to cause a denial of service by unbinding immediately after a search request, which triggers rwm_conn_destroy to free the session context while it is being used by rwm_op_search ... oval:org.secpod.oval:def:203038 OpenLDAP is an open source suite of Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. The openldap package contains configuration files, libraries, and docum ... oval:org.secpod.oval:def:106379 OpenLDAP is an open source suite of LDAP applications and development tools. LDAP is a set of protocols for accessing directory services over the Internet, similar to the way DNS information is propagated over the Internet. The openldap package contains configuration files, libraries, and documen ... oval:org.secpod.oval:def:501184 OpenLDAP is an open source suite of Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. The openldap package contains configuration files, libraries, and docum ... oval:org.secpod.oval:def:1500388 Updated openldap packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available ... oval:org.secpod.oval:def:1503934 Updated openldap packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, ... oval:org.secpod.oval:def:501191 OpenLDAP is an open source suite of Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. The openldap package contains configuration files, libraries, and docum ... oval:org.secpod.oval:def:203017 OpenLDAP is an open source suite of Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. The openldap package contains configuration files, libraries, and docum ... oval:org.secpod.oval:def:500823 OpenLDAP is an open source suite of LDAP applications and development tools. A denial of service flaw was found in the way the OpenLDAP server daemon processed certain search queries requesting only attributes and no values. In certain configurations, a remote attacker could issue a specially-craf ... oval:org.secpod.oval:def:500867 OpenLDAP is an open source suite of LDAP applications and development tools. It was found that the OpenLDAP server daemon ignored olcTLSCipherSuite settings. This resulted in the default cipher suite always being used, which could lead to weaker than expected ciphers being accepted during Transport ... oval:org.secpod.oval:def:108695 OpenLDAP is an open source suite of LDAP applications and development tools. LDAP is a set of protocols for accessing directory services over the Internet, similar to the way DNS information is propagated over the Internet. The openldap package contains configuration files, libraries, and documen ... oval:org.secpod.oval:def:1501179 OpenLDAP is an open source suite of Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. The openldap package contains configuration files, libraries, and docum ... oval:org.secpod.oval:def:1501180 OpenLDAP is an open source suite of Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. The openldap package contains configuration files, libraries, and docum ... oval:org.secpod.oval:def:1501181 OpenLDAP is an open source suite of Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. The openldap package contains configuration files, libraries, and docum ... oval:org.secpod.oval:def:501660 OpenLDAP is an open source suite of Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. The openldap package contains configuration files, libraries, and docum ... oval:org.secpod.oval:def:1200169 A flaw was found in the way the OpenLDAP server daemon parsed certain Basic Encoding Rules data. A remote attacker could use this flaw to crash slapd via a specially crafted packet oval:org.secpod.oval:def:203737 OpenLDAP is an open source suite of Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. The openldap package contains configuration files, libraries, and docum ... oval:org.secpod.oval:def:203736 OpenLDAP is an open source suite of Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. The openldap package contains configuration files, libraries, and docum ... oval:org.secpod.oval:def:203735 OpenLDAP is an open source suite of Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. The openldap package contains configuration files, libraries, and docum ... oval:org.secpod.oval:def:112625 OpenLDAP is an open source suite of LDAP applications and development tools. LDAP is a set of protocols for accessing directory services over the Internet, similar to the way DNS information is propagated over the Internet. The openldap package contains configuration files, libraries, and documen ... oval:org.secpod.oval:def:502095 OpenLDAP is an open-source suite of Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. The openldap packages contain configuration files, libraries, and docum ... oval:org.secpod.oval:def:1501944 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1800565 servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to a double free vulnerability. A user with access to search the directory can crash slapd by issuing a search including the Paged Results control with a page size of 0.. oval:org.secpod.oval:def:205613 OpenLDAP is an open-source suite of Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. The openldap packages contain configuration files, libraries, and docum ... oval:org.secpod.oval:def:1504855 [2.4.44-23] - Fix CVE-2020-25692 openldap: NULL pointer dereference for unauthenticated packet in slapd oval:org.secpod.oval:def:500408 OpenLDAP is an open source suite of LDAP applications and development tools. A flaw was found in the way OpenLDAP handled NUL characters in the CommonName field of X.509 certificates. An attacker able to get a carefully-crafted certificate signed by a trusted Certificate Authority could trick appli ... oval:org.secpod.oval:def:1701294 An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session encryption, and relying on the SASL security layers in slapd access controls, it is possible to obtain access that would otherwise be denied via a simple bind for any identity covered in those ACLs. Aft ... oval:org.secpod.oval:def:97586 [CLSA-2021:1638803748] Fixed CVE-2021-27212 in openldap oval:org.secpod.oval:def:97636 [CLSA-2022:1652986174] Fixed CVE-2022-29155 in openldap oval:org.secpod.oval:def:201935 OpenLDAP is an open source suite of LDAP applications and development tools. Multiple flaws were discovered in the way the slapd daemon handled modify relative distinguished name requests. An authenticated user with privileges to perform modrdn operations could use these flaws to crash the slapd d ... oval:org.secpod.oval:def:500384 OpenLDAP is an open source suite of LDAP applications and development tools. Multiple flaws were discovered in the way the slapd daemon handled modify relative distinguished name requests. An authenticated user with privileges to perform modrdn operations could use these flaws to crash the slapd d ... oval:org.secpod.oval:def:201950 OpenLDAP is an open source suite of LDAP applications and development tools. Multiple flaws were discovered in the way the slapd daemon handled modify relative distinguished name requests. An authenticated user with privileges to perform modrdn operations could use these flaws to crash the slapd d ... oval:org.secpod.oval:def:97736 [CLSA-2023:1689702499] openldap: Fix of CVE-2023-2953 oval:org.secpod.oval:def:19500269 A vulnerability was found in openldap that can cause a null pointer dereference in the ber_memalloc_x function |