Download
| Alert*
|
oval:org.secpod.oval:def:300269
A vulnerability was discovered and corrected in openldap: libraries/libldap/tls_o.c in OpenLDAP, when OpenSSL is used, does not properly handle a \"\0\" character in a domain name in the subject"s Common Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrar ... oval:org.secpod.oval:def:700417 It was discovered that OpenLDAP did not correctly handle SSL certificates with zero bytes in the Common Name. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. oval:org.secpod.oval:def:100011 OpenLDAP is an open source suite of LDAP applications and development tools. LDAP is a set of protocols for accessing directory services over the Internet, similar to the way DNS information is propagated over the Internet. The openldap package contains configuration files, libraries, and documen ... oval:org.secpod.oval:def:500408 OpenLDAP is an open source suite of LDAP applications and development tools. A flaw was found in the way OpenLDAP handled NUL characters in the CommonName field of X.509 certificates. An attacker able to get a carefully-crafted certificate signed by a trusted Certificate Authority could trick appli ... oval:org.mitre.oval:def:7899 It was discovered that OpenLDAP, a free implementation of the Lightweight Directory Access Protocol, when OpenSSL is used, does not properly handle a "\0" character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arb ... oval:org.secpod.oval:def:500361 OpenLDAP is an open source suite of LDAP applications and development tools. An uninitialized pointer use flaw was discovered in the way the slapd daemon handled modify relative distinguished name requests. An authenticated user with privileges to perform modrdn operations could use this flaw to c ... oval:org.secpod.oval:def:202839 OpenLDAP is an open source suite of LDAP applications and development tools. An uninitialized pointer use flaw was discovered in the way the slapd daemon handled modify relative distinguished name requests. An authenticated user with privileges to perform modrdn operations could use this flaw to c ... oval:org.secpod.oval:def:202827 OpenLDAP is an open source suite of LDAP applications and development tools. An uninitialized pointer use flaw was discovered in the way the slapd daemon handled modify relative distinguished name requests. An authenticated user with privileges to perform modrdn operations could use this flaw to c ... |
