Search CVE reports
41 – 50 of 52 results
CVE-2010-0211
Medium priorityThe slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does not check the return value of a call to the smr_normalize function, which allows remote attackers to cause a denial of service (segmentation fault) and possibly...
3 affected packages
openldap, openldap2.2, openldap2.3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| openldap | — | — | — | — | — |
| openldap2.2 | — | — | — | — | — |
| openldap2.3 | — | — | — | — | — |
CVE-2009-3767
Medium prioritylibraries/libldap/tls_o.c in OpenLDAP 2.2 and 2.4, and possibly other versions, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate,...
4 affected packages
openldap, openldap2, openldap2.2, openldap2.3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| openldap | — | — | — | — | — |
| openldap2 | — | — | — | — | — |
| openldap2.2 | — | — | — | — | — |
| openldap2.3 | — | — | — | — | — |
CVE-2008-2952
Medium priorityliblber/io.c in OpenLDAP 2.2.4 to 2.4.10 allows remote attackers to cause a denial of service (program termination) via crafted ASN.1 BER datagrams that trigger an assertion error.
3 affected packages
openldap, openldap2.2, openldap2.3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| openldap | — | — | — | — | — |
| openldap2.2 | — | — | — | — | — |
| openldap2.3 | — | — | — | — | — |
CVE-2008-0658
Medium prioritySome fixes available 4 of 8
slapd/back-bdb/modrdn.c in the BDB backend for slapd in OpenLDAP 2.3.39 allows remote authenticated users to cause a denial of service (daemon crash) via a modrdn operation with a NOOP (LDAP_X_NO_OPERATION) control, a related...
3 affected packages
openldap2, openldap2.2, openldap2.3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| openldap2 | — | — | — | — | — |
| openldap2.2 | — | — | — | — | — |
| openldap2.3 | — | — | — | — | — |
CVE-2007-6698
Medium prioritySome fixes available 4 of 8
The BDB backend for slapd in OpenLDAP before 2.3.36 allows remote authenticated users to cause a denial of service (crash) via a potentially-successful modify operation with the NOOP control set to critical, possibly due to a...
3 affected packages
openldap2, openldap2.2, openldap2.3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| openldap2 | — | — | — | — | — |
| openldap2.2 | — | — | — | — | — |
| openldap2.3 | — | — | — | — | — |
CVE-2007-5708
Low prioritySome fixes available 4 of 8
slapo-pcache (overlays/pcache.c) in slapd in OpenLDAP before 2.3.39, when running as a proxy-caching server, allocates memory using a malloc variant instead of calloc, which prevents an array from being initialized properly and...
3 affected packages
openldap2, openldap2.2, openldap2.3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| openldap2 | — | — | — | — | — |
| openldap2.2 | — | — | — | — | — |
| openldap2.3 | — | — | — | — | — |
CVE-2007-5707
Medium prioritySome fixes available 4 of 8
OpenLDAP before 2.3.39 allows remote attackers to cause a denial of service (slapd crash) via an LDAP request with a malformed objectClasses attribute. NOTE: this has been reported as a double free, but the reports are inconsistent.
3 affected packages
openldap2, openldap2.2, openldap2.3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| openldap2 | — | — | — | — | — |
| openldap2.2 | — | — | — | — | — |
| openldap2.3 | — | — | — | — | — |
CVE-2006-6493
Unknown priorityBuffer overflow in the krbv4_ldap_auth function in servers/slapd/kerberos.c in OpenLDAP 2.4.3 and earlier, when OpenLDAP is compiled with the --enable-kbind (Kerberos KBIND) option, allows remote attackers to execute arbitrary...
2 affected packages
openldap2.2, openldap2.3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| openldap2.2 | — | — | — | — | — |
| openldap2.3 | — | — | — | — | — |
CVE-2006-5779
Unknown priorityOpenLDAP before 2.3.29 allows remote attackers to cause a denial of service (daemon crash) via LDAP BIND requests with long authcid names, which triggers an assertion failure.
2 affected packages
openldap2.2, openldap2.3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| openldap2.2 | — | — | — | — | — |
| openldap2.3 | — | — | — | — | — |
CVE-2006-4600
Unknown priorityslapd in OpenLDAP before 2.3.25 allows remote authenticated users with selfwrite Access Control List (ACL) privileges to modify arbitrary Distinguished Names (DN).
2 affected packages
openldap2, openldap2.2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| openldap2 | — | — | — | — | — |
| openldap2.2 | — | — | — | — | — |