Search CVE reports
11 – 16 of 16 results
CVE-2007-5707
Medium prioritySome fixes available 4 of 8
OpenLDAP before 2.3.39 allows remote attackers to cause a denial of service (slapd crash) via an LDAP request with a malformed objectClasses attribute. NOTE: this has been reported as a double free, but the reports are inconsistent.
3 affected packages
openldap2, openldap2.2, openldap2.3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| openldap2 | — | — | — | — | — |
| openldap2.2 | — | — | — | — | — |
| openldap2.3 | — | — | — | — | — |
CVE-2006-6493
Unknown priorityBuffer overflow in the krbv4_ldap_auth function in servers/slapd/kerberos.c in OpenLDAP 2.4.3 and earlier, when OpenLDAP is compiled with the --enable-kbind (Kerberos KBIND) option, allows remote attackers to execute arbitrary...
2 affected packages
openldap2.2, openldap2.3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| openldap2.2 | — | — | — | — | — |
| openldap2.3 | — | — | — | — | — |
CVE-2006-5779
Unknown priorityOpenLDAP before 2.3.29 allows remote attackers to cause a denial of service (daemon crash) via LDAP BIND requests with long authcid names, which triggers an assertion failure.
2 affected packages
openldap2.2, openldap2.3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| openldap2.2 | — | — | — | — | — |
| openldap2.3 | — | — | — | — | — |
CVE-2006-4600
Unknown priorityslapd in OpenLDAP before 2.3.25 allows remote authenticated users with selfwrite Access Control List (ACL) privileges to modify arbitrary Distinguished Names (DN).
2 affected packages
openldap2, openldap2.2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| openldap2 | — | — | — | — | — |
| openldap2.2 | — | — | — | — | — |
CVE-2006-2754
Unknown priorityStack-based buffer overflow in st.c in slurpd for OpenLDAP before 2.3.22 might allow attackers to execute arbitrary code via a long hostname.
2 affected packages
openldap2, openldap2.2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| openldap2 | — | — | — | — | — |
| openldap2.2 | — | — | — | — | — |
CVE-2005-2069
Unknown prioritySome fixes available 7 of 9
pam_ldap and nss_ldap, when used with OpenLDAP and connecting to a slave using TLS, does not use TLS for the subsequent connection if the client is referred to a master, which may cause a password to be sent in cleartext and...
4 affected packages
libnss-ldap, openldap2, openldap2.2, openldap2.3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libnss-ldap | — | — | — | — | — |
| openldap2 | — | — | — | — | — |
| openldap2.2 | — | — | — | — | — |
| openldap2.3 | — | — | — | — | — |